Description
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows remote attackers to inject > (greater than) characters via the id attribute of a headline.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Keyword Link Multiple Cross-Site Scripting Vulnerabilities (1.7)
Plone CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-5485)
PHP NULL Pointer Dereference Vulnerability (CVE-2018-19935)
Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-1610)