A cross-site scripting (XSS) vulnerability in MediaWiki prior to 1.19.5 and 1.20.x prior to 1.20.4 and allows remote malicious users to inject arbitrary web script or HTML via Lua function names.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mediawiki mediawiki |
||
debian debian linux 10.0 |
||
debian debian linux 9.0 |