Description
Cross-site scripting (XSS) vulnerability in api.php in (1) MediaWiki 1.11 through 1.11.0rc1, 1.10 through 1.10.2, 1.9 through 1.9.4, and 1.8; and (2) the BotQuery extension for MediaWiki 1.7 and earlier; when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin GEO my WordPress Unspecified Vulnerability (2.6.1.1)
WordPress Plugin Wp custom slider SQL Injection (1.6.2)
IBM WebSEAL Session Fixation Vulnerability (CVE-2018-1804)
Internet Information Services Other Vulnerability (CVE-2002-1744)
osCommerce Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-18572)