Description
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, when using HTML Tidy ($wgUseTidy), allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Remediation
References
Related Vulnerabilities
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2101)
WordPress Plugin Simple Slider 'New Image' Field Cross-Site Scripting (1.0)
WordPress Plugin Ultimate Addons for Beaver Builder Cross-Site Scripting (1.24.3)
Magento Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-8155)