Description
resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.35 allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki page.
Remediation
References
Related Vulnerabilities
WordPress Plugin PowerPress Podcasting by Blubrry Cross-Site Scripting (10.0)
Nexus Repository Manager Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-11415)
WordPress Other Vulnerability (CVE-2006-2667)
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Multiple Vulnerabilities (1.17.1)