Description
An issue was discovered in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is XSS in youhavenewmessagesmanyusers and youhavenewmessages i18n messages. This is related to MediaWiki:Youhavenewmessagesfromusers.
Remediation
References
Related Vulnerabilities
MyBB Improper Access Control Vulnerability (CVE-2016-9412)
MySQL CVE-2019-2801 Vulnerability (CVE-2019-2801)
WordPress Plugin My Calendar Cross-Site Scripting (2.4.18)
Microsoft SQL Server CVE-2023-21704 Vulnerability (CVE-2023-21704)
WordPress Plugin Sniplets Multiple Input Validation Vulnerabilities (1.2.2)