Description
Cross-site scripting (XSS) vulnerability in includes/actions/InfoAction.php in MediaWiki before 1.21.9 and 1.22.x before 1.22.6 allows remote attackers to inject arbitrary web script or HTML via the sort key in an info action.
Remediation
References
Related Vulnerabilities
Drupal CVE-2008-1729 Vulnerability (CVE-2008-1729)
WordPress Plugin Cimy User Extra Fields Denial of Service (2.6.3)
Oracle HTTP Server CVE-2022-21375 Vulnerability (CVE-2022-21375)
Oracle HTTP Server Improper Encoding or Escaping of Output Vulnerability (CVE-2022-25235)
Internet Information Services Other Vulnerability (CVE-2000-1147)