Description
MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 does not enforce an IFRAME protection mechanism for transcluded pages, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
Remediation
References
Related Vulnerabilities
Jenkins CVE-2015-7538 Vulnerability (CVE-2015-7538)
WordPress Plugin Content Timeline Multiple SQL Injection Vulnerabilities (4.4.2)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4572)
Joomla! Core 2.5.0 Information Disclosure (2.5.0)
WordPress Plugin Slideshow Gallery LITE Multiple Vulnerabilities (1.5.3)