Description
A cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.5 and 1.20.x before 1.20.4 and allows remote attackers to inject arbitrary web script or HTML via Lua function names.
Remediation
References
Related Vulnerabilities
WordPress Plugin 1player Cross-Site Scripting (1.3)
Jboss EAP Resource Management Errors Vulnerability (CVE-2016-7046)
Oracle JRE CVE-2022-21540 Vulnerability (CVE-2022-21540)
MySQL CVE-2020-2761 Vulnerability (CVE-2020-2761)
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22903)