MediaWiki before 1.36.2 allows XSS. Month related MediaWiki messages are not escaped before being used on the Special:Search results page.
Published October 11, 2021.
Mediawiki Mediawiki
Fedoraproject Fedora
