Description
Cross-site scripting (XSS) vulnerability in the TimeMediaHandler extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to videos.
Remediation
References
Related Vulnerabilities
WordPress Plugin Gravity Forms Cross-Site Scripting (1.9.15.11)
Jenkins Improper Authentication Vulnerability (CVE-2017-2604)
MongoDb Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4650)
phpMyAdmin Improper Input Validation Vulnerability (CVE-2016-6623)
Joomla! Core 3.9.x Cross-Site Request Forgery (3.9.0 - 3.9.19)