CVE request: XSS in uselang http parameter (mediawiki)

[Vincent Danen <vdanen () redhat com>]

Mediawiki 1.17.5, 1.18.4, and 1.19.1 were released today to fix a XSS
vulnerability in the useland http parameter.

References:

http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-June/000118.html
https://bugzilla.wikimedia.org/show_bug.cgi?id=36938
https://bugzilla.redhat.com/show_bug.cgi?id=831876

I didn't spot a CVE name in the release, so requesting one here.

Thanks.

--
Vincent Danen / Red Hat Security Response Team