Description
Cross-site scripting (XSS) vulnerability in the outputPage function in includes/SkinTemplate.php in MediaWiki before 1.17.5, 1.18.x before 1.18.4, and 1.19.x before 1.19.1 allows remote attackers to inject arbitrary web script or HTML via the uselang parameter to index.php/Main_page.
Remediation
References
Related Vulnerabilities
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk Cross-Site Scripting (5.127.3)
MySQL CVE-2021-2339 Vulnerability (CVE-2021-2339)
WordPress Plugin Chat-Support Board-WordPress Chat Cross-Site Scripting (3.3.4)
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-3850)
WordPress Plugin LBstopattack Cross-Site Request Forgery (1.1.2)