Description
MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Super Cache Cross-Site Scripting (1.7.2)
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2582)
WordPress Plugin S3Bubble Cloud Video With Adverts & Analytics Arbitrary File Download (0.7)
MySQL CVE-2019-2420 Vulnerability (CVE-2019-2420)
WordPress Plugin WP Database Backup Cross-Site Scripting (3.3)