Description
Incomplete blacklist vulnerability in MediaWiki before 1.4.11 does not properly remove certain CSS inputs (HTML inline style attributes) that are processed as active content by Internet Explorer, which allows remote attackers to conduct cross-site scripting (XSS) attacks.
Remediation
References
Related Vulnerabilities
MySQL CVE-2019-2993 Vulnerability (CVE-2019-2993)
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Arbitrary File Upload (2.8.1.1)
SharePoint CVE-2021-42294 Vulnerability (CVE-2021-42294)
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.3)
WordPress Plugin NS Utilities Unspecified Vulnerability (1.0)