mediawiki

• Author: kikadf
• Vulnerable: 1.19.19-1arcturus1
• Unaffected: 1.19.20-1arcturus1

It was reported that MediaWiki, a website engine for collaborative work, allowed to load user-created CSS on pages where user-created JavaScript is not allowed.

CVEs:

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7295