CVE-2017-8811 log

Source
Severity High
Remote Yes
Type Cross-site scripting
Description
The implementation of raw message parameter expansion in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows HTML mangling attacks.
Group Package Affected Fixed Severity Status Ticket
AVG-490 mediawiki 1.29.1-1 1.29.2-1 High Fixed
Date Advisory Group Package Severity Type
15 Nov 2017 ASA-201711-20 AVG-490 mediawiki High multiple issues
References
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
https://phabricator.wikimedia.org/T176247
https://github.com/wikimedia/mediawiki/commit/410c00a9ae92411d3d1568e84c4aa2579a577635