Description
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. There is Blind Stored XSS via a URL to the Upload Image feature.
Remediation
References
Related Vulnerabilities
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-2471)
Nginx Integer Overflow or Wraparound Vulnerability (CVE-2017-7529)
WordPress Plugin Blue Admin Cross-Site Request Forgery (21.06.01)
WordPress Plugin Abandoned Cart Lite for WooCommerce SQL Injection (5.8.1)
WordPress Plugin Disable Comments Cross-Site Request Forgery (1.0.3)