Description
An issue was discovered in the Foreground skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Calls to Action Unspecified Vulnerability (2.3.5)
WordPress Plugin W3SCloud Contact Form 7 to Zoho CRM Cross-Site Scripting (1.1.2)
PmWiki Other Vulnerability (CVE-2006-4453)
WordPress 4.3.x Cross-Domain Flash Injection Vulnerability (4.3 - 4.3.14)
DOMPurify URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-25155)