Mediawiki · Mediawiki · CVE-2011-0047
**Name of the Vulnerable Software and Affected Versions**
MediaWiki versions prior to 1.16.2
**Description**
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments. This is also referred to as a "CSS injection vulnerability."
**Recommendations**
For versions prior to 1.16.2, update to version 1.16.2 or later to resolve the issue.