Description
A cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.5 and 1.20.x before 1.20.4 and allows remote attackers to inject arbitrary web script or HTML via Lua function names.
Remediation
References
Related Vulnerabilities
Moodle Improper Input Validation Vulnerability (CVE-2013-2083)
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.17)
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (5.1.0)
WordPress Plugin Read Offline Cross-Site Scripting (0.9.17)
WordPress Plugin WPQA-Builder forms Addon For WordPress Insecure Direct Object Reference (5.9.2)