Mediawiki

A remote, authenticated attacker can exploit multiple vulnerabilities in MediaWiki to execute arbitrary code, disclose information, perform a cross-site scripting attack, or cause a denial of service condition.