Description
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki before 1.18.5 and 1.19.x before 1.19.2, when unspecified JavaScript gadgets are used, allow remote attackers to inject arbitrary web script or HTML via the userlang parameter to w/index.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin YITH WooCommerce Frequently Bought Together Security Bypass (1.2.10)
OpenSSL Other Vulnerability (CVE-2010-4180)
WordPress Plugin Media Library Assistant Multiple Vulnerabilities (2.81)
WordPress Plugin Essential Blocks Pro Multiple PHP Object Injection Vulnerabilities (1.1.0)
WordPress Plugin Download Manager Multiple Cross-Site Scripting Vulnerabilities (3.2.48)