MediaWiki is a free and free-to-use web-based wiki engine from the US-based MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. A cross-site scripting vulnerability exists in MediaWiki 1.37 and earlier versions, which stems from the clientUrl field not being fully escaped and filtered for user input, and could be exploited by attackers to conduct cross-site scripting attacks.