Description
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows remote attackers to inject > (greater than) characters via the id attribute of a headline.
Remediation
References
Related Vulnerabilities
WordPress Plugin Related Posts by Zemanta Cross-Site Request Forgery (1.3.1)
EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-38843)
WordPress Plugin WP Consultant Cross-Site Scripting (1.0)
WordPress Plugin Media File Manager Multiple Vulnerabilities (1.4.2)
WordPress Plugin oQey Gallery 'gal_id' Parameter SQL Injection (0.4.8)