Description
Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 has a flaw where Special:UserLogin?returnto=interwiki:foo will redirect to external sites.
Remediation
References
Related Vulnerabilities
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2024-38477)
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Cross-Site Scripting (1.16.4)
WordPress Plugin LifterLMS-WP LMS for eLearning, Online Courses, & Quizzes SQL Injection (7.6.2)
Squid Improper Certificate Validation Vulnerability (CVE-2021-41611)
WordPress Plugin StatPress Multiple Unspecified Vulnerabilities (1.4.1)