CVE-2019-19910
The connected records confirm CVE-2019-19910 affects the MinervaNeue Skin in MediaWiki versions from 2019-11-05 to 2019-12-13 (1.34/1.35). The root cause is mishandling of certain HTML attributes, enabling client-side impact via IMG onmouseover= (XSS) and IMG src=http (disclosing the client’s IP)...