Description
Cross-site scripting (XSS) vulnerability in the preview in the TemplateSandbox extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via the text parameter to Special:TemplateSandbox.
Remediation
References
Related Vulnerabilities
WordPress Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2020-11027)
Joomla! Core 3.x.x Information Disclosure (3.1.0 - 3.8.7)
Oracle Database Server Incorrect Calculation of Buffer Size Vulnerability (CVE-2004-1363)
WordPress Plugin Events Calendar for Google Local File Inclusion (2.1.0)
ProjectSend Improper Privilege Management Vulnerability (CVE-2020-28874)