Description
An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries.
Remediation
References
Related Vulnerabilities
Drupal Core 6.x Cross-Site Scripting (6.0 - 6.10)
WordPress Plugin WP Rss Poster SQL Injection (1.0.0)
WordPress Plugin Dharma booking Local/Remote File Inclusion (2.38.3)
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4320)
WordPress Plugin Better Find and Replace Cross-Site Scripting (1.2.8)