Description
Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 has a flaw where Special:UserLogin?returnto=interwiki:foo will redirect to external sites.
Remediation
References
Related Vulnerabilities
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1559)
MySQL CVE-2018-2665 Vulnerability (CVE-2018-2665)
WordPress MU 'wp-includes/wpmu-functions.php' Cross-Site Scripting Vulnerability (1.0 - 2.6)
WordPress Plugin UserPro-Community and User Profile Security Bypass (4.9.17)
WordPress Plugin BulletProof Security Cross-Site Scripting (.47)