Description
Cross-site scripting (XSS) vulnerability in the TimeMediaHandler extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to videos.
Remediation
References
Related Vulnerabilities
WordPress Plugin Protected Posts Logout Button Cross-Site Request Forgery (1.4.4)
WordPress Plugin Daily Inspiration Generator Cross-Site Scripting (2.0)
WordPress Plugin MiniMax-Page Layout Builder Arbitrary File Upload (1.7.1)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-7233)