MediaWiki is a free and free-to-use web-based wiki engine from the US-based MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems.MediaWiki version 1.1 contains a cross-site scripting vulnerability, which stems from the ScratchLogin extension not escaping authentication failure messages and could be exploited by an attacker with administrator privileges to perform cross-site scripting (XSS) attacks.