Description
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. BlockLogFormatter.php in BlockLogFormatter allows XSS in the partial blocks feature.
Remediation
References
Related Vulnerabilities
MySQL CVE-2020-14663 Vulnerability (CVE-2020-14663)
WordPress Plugin Connector for Gravity Forms and Google Sheets Cross-Site Scripting (1.1.0)
MySQL CVE-2022-21302 Vulnerability (CVE-2022-21302)
WordPress 6.3.x Multiple Vulnerabilities (6.3 - 6.3.2)
WordPress Plugin Random Banner Cross-Site Scripting (1.1.2.1)