Description
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.18.5 and 1.19.x before 1.19.2 allows remote attackers to inject arbitrary web script or HTML via a File: link to a nonexistent image.
Remediation
References
Related Vulnerabilities
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-13258)
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20901)
Oracle Database Server CVE-2017-10120 Vulnerability (CVE-2017-10120)
Nginx Out-of-bounds Write Vulnerability (CVE-2011-4315)
WordPress Plugin Ceceppa Multilingua Multiple Cross-Site Scripting Vulnerabilities (1.5.13)