Description MediaWiki 1.18.0 allows remote attackers to obtain the installation path via vectors related to thumbnail creation. Remediation References CVE-2014-1686 Related Vulnerabilities Apache Tomcat Other Vulnerability (CVE-2001-0829) WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5488) osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43719) SugarCRM Improper Input Validation Vulnerability (CVE-2017-14509) Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11110) Severity Medium Classification CVE-2014-1686 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Tags Missing Update Known Vulnerabilities