Description
The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attribute injection attacks via glossary rules.
Remediation
References
Related Vulnerabilities
Drupal Other Vulnerability (CVE-2016-3164)
WordPress 2.0.5 Invalid CSRF Token Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5)
Oracle JRE CVE-2019-2894 Vulnerability (CVE-2019-2894)
SharePoint CVE-2024-32987 Vulnerability (CVE-2024-32987)
Liferay Portal Improper Certificate Validation Vulnerability (CVE-2022-42131)