Description
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka "CSS injection vulnerability."
Remediation
References
Related Vulnerabilities
WordPress Plugin Relevant-Related Posts by BestWebSoft Cross-Site Scripting (1.1.9)
Roundcube Files or Directories Accessible to External Parties Vulnerability (CVE-2017-16651)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3394)
PHP Integer Overflow or Wraparound Vulnerability (CVE-2017-9120)