Wikimedia · MediaWiki · CVE-2017-0370
**Name of the Vulnerable Software and Affected Versions**
MediaWiki versions prior to 1.28.1
MediaWiki versions prior to 1.27.2
MediaWiki versions prior to 1.23.16
**Description**
The spam blacklist is ineffective on encoded URLs inside the link parameter of file inclusion syntax. As a result, a URL that the blacklist is meant to block can get past it when it is written in encoded form in that parameter.
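The gap described above can be shown with a small checker that compares matching the link value as written against matching it after decoding. This is an added example, not MediaWiki's own code. The page does not say which encoding was affected, so the encodings handled (percent-escapes and HTML character references), the blacklist entry, the regular expression and all function names are assumptions made for illustration.

```python
import html
import re
from urllib.parse import unquote

# Constructed blacklist entry; .invalid is a reserved, non-resolving TLD.
BLACKLIST = [re.compile(r"spam\.example\.invalid", re.IGNORECASE)]

# Captures TARGET in [[File:Name.png|...|link=TARGET|...]] (also Image:).
FILE_LINK = re.compile(
    r"\[\[\s*(?:File|Image)\s*:[^\]]*?\|\s*link\s*=\s*([^|\]]*)",
    re.IGNORECASE,
)

def link_targets(wikitext):
    """Return the raw link= values of every file inclusion in the text."""
    return [m.group(1).strip() for m in FILE_LINK.finditer(wikitext)]

def normalize(url, max_rounds=5):
    """Decode percent-escapes and HTML character references until stable,
    so nested encodings such as %252E are also unwrapped."""
    for _ in range(max_rounds):
        decoded = html.unescape(unquote(url))
        if decoded == url:
            break
        url = decoded
    return url

def raw_hits(wikitext):
    """Weak check: blacklist applied to the link value as written."""
    return [t for t in link_targets(wikitext)
            if any(p.search(t) for p in BLACKLIST)]

def normalized_hits(wikitext):
    """Stronger check: blacklist applied to the written and decoded forms."""
    return [t for t in link_targets(wikitext)
            if any(p.search(f) for p in BLACKLIST for f in (t, normalize(t)))]

# Constructed sample wikitext, one file inclusion per line.
SAMPLE = "\n".join([
    "[[File:Example.png|thumb|link=http://spam.example.invalid/a]]",
    "[[File:Example.png|thumb|link=http://spam%2Eexample%2Einvalid/b]]",
    "[[File:Example.png|link=http://spam&#46;example.invalid/c|alt=x]]",
    "[[File:Example.png|link=https://www.mediawiki.org/]]",
])

if __name__ == "__main__":
    print("raw check flags:       ", raw_hits(SAMPLE))
    print("normalized check flags:", normalized_hits(SAMPLE))
```

A checker like this is useful for auditing existing page content on a wiki that ran an affected version; it does not replace the upgrade.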
**Recommendations**
For versions prior to 1.28.1, update to version 1.28.1 or later.
For versions prior to 1.27.2, update to version 1.27.2 or later.
For versions prior to 1.23.16, update to version 1.23.16 or later.