Description
Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 has a flaw where Special:UserLogin?returnto=interwiki:foo will redirect to external sites.
Remediation
References
Related Vulnerabilities
WordPress Plugin PHP Everywhere Multiple Remote Code Execution Vulnerabilities (2.0.3)
WordPress Plugin Monarch Social Sharing Security Bypass (1.2.6)
WordPress Plugin Social Articles Security Bypass (2.4)
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-21336)