Description
An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries.
Remediation
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2359)
WordPress Plugin Like Button Rating-LikeBtn Server-Side Request Forgery (2.6.31)
XWiki Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-48240)
WordPress Plugin LearnDash LMS Insecure Direct Object Reference (4.6.0)