Description
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via crafted XSL in an SVG file.
Remediation
References
Related Vulnerabilities
Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2015-1399)
WordPress Plugin Easy Google Maps Cross-Site Scripting (1.9.33)
Magento Cleartext Storage of Sensitive Information Vulnerability (CVE-2019-8118)
Jetty Improper Input Validation Vulnerability (CVE-2022-2047)
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5487)