Description Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw making rawHTML mode apply to system messages. Remediation References CVE-2017-0368 Related Vulnerabilities MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-9481) OpenSSL Other Vulnerability (CVE-2014-5139) Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5319) MySQL CVE-2020-14651 Vulnerability (CVE-2020-14651) PHP Out-of-bounds Read Vulnerability (CVE-2019-9022) Severity Medium Classification CVE-2017-0368 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Tags Missing Update Known Vulnerabilities