CVE-2017-0366

Name of the Vulnerable Software and Affected Versions Mediawiki versions prior to 1.28.1 Mediawiki versions prior to 1.27.2 Mediawiki versions prior to 1.23.16

Description The issue allows attackers to evade SVG filters by utilizing default attribute values in DTD declarations.

Recommendations For versions prior to 1.28.1, update to version 1.28.1 or later. For versions prior to 1.27.2, update to version 1.27.2 or later. For versions prior to 1.23.16, update to version 1.23.16 or later.