MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability - CVE-2017-0372 - Vulnerability Database

MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability - CVE-2017-0372

Critical
Reference: CVE-2017-0372
Title: MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Overview:

Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16 1.27.3 and 1.28.2 might result in multiple vulnerabilities.