Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a XSS vulnerability in SearchHighlighter::highlightText() with non-default configurations.
[
{
"product": "mediawiki",
"vendor": "mediawiki",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
]