Description
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, when using HTML Tidy ($wgUseTidy), allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Data Tables Generator by Supsystic Security Bypass (1.10.25)
WordPress Plugin Csv2WPeC Coupon Arbitrary File Upload (1.1)
WordPress Plugin SAML SP Single Sign On-SSO login Cross-Site Scripting (4.8.72)
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17305)
ATutor Improper Authentication Vulnerability (CVE-2014-9753)