MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability - CVE-2017-0372 - Vulnerability Database
MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability - CVE-2017-0372
Critical
Reference:
CVE-2017-0372
Title:
MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Overview:
Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16 1.27.3 and 1.28.2 might result in multiple vulnerabilities.