Description
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.18.5 and 1.19.x before 1.19.2 allows remote attackers to inject arbitrary web script or HTML via a File: link to a nonexistent image.
Remediation
References
Related Vulnerabilities
WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3890)
MySQL CVE-2017-10286 Vulnerability (CVE-2017-10286)
ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-3836)
datatables Cross-site Scripting (XSS) Vulnerability (CVE-2015-6584)
WordPress Plugin FireStats 'firestats-wordpress.php' Remote File Include (1.6.1)