Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Action/mediawiki.Action.Edit.Preview.Js, resources/src/mediawiki.Page.Preview.Js. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.
Remediation
References
Related Vulnerabilities
Resin Application Server Improper Input Validation Vulnerability (CVE-2012-2965)
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-7065)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4408)
Moodle Insertion of Sensitive Information into Log File Vulnerability (CVE-2012-1156)
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2039)