Description
MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to bypass the SVG filtering and obtain sensitive user information via a mixed case @import in a style element in an SVG file, as demonstrated by "@imporT."
Remediation
References
Related Vulnerabilities
WordPress Plugin Wp Cookie Choice Cross-Site Request Forgery (1.1.0)
MySQL CVE-2024-21230 Vulnerability (CVE-2024-21230)
MySQL CVE-2023-22026 Vulnerability (CVE-2023-22026)
WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-17359)
WordPress Plugin Gutenberg & Elementor Templates Importer For Responsive Security Bypass (2.2.5)