MediaWiki is a free and free-to-use web-based wiki engine from the U.S. Wikimedia (MediaWiki) Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki has a cross-site scripting vulnerability that can be exploited by attackers to inject cross-site code in the VisualEditor Media Dialog and launch XSS attacks.