Description
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. There is Blind Stored XSS via a URL to the Upload Image feature.
Remediation
References
Related Vulnerabilities
Joomla! Core 1.0.x Multiple Unspecified Vulnerabilities (1.0.0 - 1.0.10)
Perl Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-1999-1386)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3617)
MySQL CVE-2024-21197 Vulnerability (CVE-2024-21197)
Apache HTTP Server Session Fixation Vulnerability (CVE-2001-1534)