Description
Cross-site scripting (XSS) vulnerability in the API pretty-printing mode in MediaWiki 1.8.0 through 1.8.4, 1.9.0 through 1.9.3, 1.10.0 through 1.10.1, and the 1.11 development versions before 1.11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Cross-Site Scripting (5.10.1)
WordPress Plugin Smart Slideshow 'upload.php' Arbitrary File Upload (2.1)
WebLogic CVE-2016-3445 Vulnerability (CVE-2016-3445)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000862)
WordPress Plugin underConstruction Cross-Site Scripting (1.18)