Description
An issue was discovered in the Tempo skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries.
Remediation
References
Related Vulnerabilities
WordPress Plugin Gravity Forms Constant Contact Cross-Site Scripting (1.0.5)
WordPress Plugin Heat Trackr Cross-Site Scripting (1.0)
PHP Out-of-bounds Write Vulnerability (CVE-2021-21703)
Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12617)
PHP Improper Certificate Validation Vulnerability (CVE-2015-3152)