Description
The checkCss function in includes/Sanitizer.php in the wikitext parser in MediaWiki before 1.16.3 does not properly validate Cascading Style Sheets (CSS) token sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information by using the \2f\2a and \2a\2f hex strings to surround CSS comments.
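The weakness described above is that the sanitizer inspected the raw style text for comment delimiters, while the browser's CSS parser decodes backslash escapes first, so "\2f\2a" is read as "/*". The defensive fix is to normalise escapes before any content check. The following Python is an added example illustrating that principle; it is not MediaWiki's code and does not claim to reproduce how includes/Sanitizer.php was changed in 1.16.3. The function names, the decoder and the sample style values are all constructed for this illustration.

```python
import re

# One pass, left to right, over CSS backslash escapes:
#  - a backslash followed by 1-6 hex digits (plus one optional trailing
#    whitespace character, which the escape consumes) denotes a code point;
#  - a backslash followed by any other single character denotes that character.
# Handling both cases in one alternation keeps "\\2f" (an escaped backslash
# followed by the text "2f") from being misread as the escape "\2f".
_CSS_ESCAPE = re.compile(
    r'\\(?:([0-9a-fA-F]{1,6})(?:\r\n|[ \t\r\n\f])?|([^\r\n\f]))'
)


def decode_css_escapes(value: str) -> str:
    """Replace CSS backslash escapes with the characters they denote."""
    def repl(m: re.Match) -> str:
        if m.group(1) is not None:
            cp = int(m.group(1), 16)
            # CSS maps NUL, surrogates and out-of-range values to U+FFFD.
            if cp == 0 or 0xD800 <= cp <= 0xDFFF or cp > 0x10FFFF:
                return '\ufffd'
            return chr(cp)
        return m.group(2)
    return _CSS_ESCAPE.sub(repl, value)


def naive_has_comment(value: str) -> bool:
    """Delimiter check on the raw text only: the bypassable pattern."""
    return '/*' in value or '*/' in value


def has_comment(value: str) -> bool:
    """Delimiter check after escapes are decoded, as the browser would see it."""
    decoded = decode_css_escapes(value)
    return '/*' in decoded or '*/' in decoded


def check_css(value: str) -> bool:
    """Accept a style value only if it contains no comment delimiters once
    escapes are decoded. Returns True when the value is accepted."""
    return not has_comment(value)


# Constructed sample style values (hypothetical, not taken from any wiki page):
SAMPLES = {
    "plain":        "color: red",
    "raw_comment":  "color: red /* hidden */",
    "hex_comment":  r"color: red \2f\2a hidden \2a\2f",  # escaped delimiters
    "legit_escape": r'content: "\201C"',                 # left double quotation mark
    "escaped_bs":   r"content: '\\2f\\2a'",              # literal backslashes, no comment
}

if __name__ == "__main__":
    for name, css in SAMPLES.items():
        print(f"{name:13} naive={naive_has_comment(css)!s:5} "
              f"decoded={has_comment(css)!s:5} accept={check_css(css)}")
```

Running the block shows the "hex_comment" sample passing the raw-text check and failing the decoded check, while the legitimate "\201C" escape and the doubled backslashes are still accepted. Any further rules a sanitizer applies to style values (property allow-lists, rejection of particular functions) should run on the decoded form for the same reason.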
Remediation
References
Related Vulnerabilities
WordPress Plugin WpPygments Multiple Cross-Site Scripting Vulnerabilities (0.3.2)
WordPress Plugin Spotlight Social Feeds [Block, Shortcode, and Widget] Cross-Site Scripting (1.4.2)
WordPress Plugin Background Music Cross-Site Scripting (1.0)
WordPress Plugin Survey Maker-Best WordPress Survey Cross-Site Scripting (2.0.6)
Squid Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2021-28652)