Description
An issue was discovered in the Tempo skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries.
Remediation
References
Related Vulnerabilities
WordPress Plugin EventCommerce WP Event Calendar Cross-Site Scripting (1.0)
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5487)
WordPress Plugin WP Doctor Potential Malicious Code (1.7)
Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-28615)
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-48293)