An XSS vulnerability with the MsCalendar extension
<https://www.mediawiki.org/wiki/Extension:MsCalendar> has been fixed.
Everyone using the extension should upgrade to version 2.0-1 or higher.
Details available at
https://phabricator.wikimedia.org/T133511