MediaWiki Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2021-41798
Reference:
CVE-2021-41798
Title:
MediaWiki Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:
MediaWiki before 1.36.2 allows XSS. Month related MediaWiki messages are not escaped before being used on the Special:Search results page.