Description
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 allows remote attackers to inject arbitrary web script via HTML attributes in page templates.
Remediation
References
Related Vulnerabilities
Java Unspesificed Vulnerability (CVE-2018-3169)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-15005)
WordPress Plugin Integration for Contact Form 7 and Infusionsoft Cross-Site Scripting (1.1.2)
Elgg Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-3964)