https://bugzilla.wikimedia.org/show_bug.cgi?id=25340
Summary: Cross Site Scripting Vulnerability Product: MediaWiki extensions Version: any Platform: All URL: http://semantic-mediawiki.org/wiki/Special:Ask OS/Version: All Status: NEW Severity: normal Priority: Normal Component: Semantic MediaWiki AssignedTo: mar...@semantic-mediawiki.org ReportedBy: david.pa...@commercebank.com If you enter: <script>alert("CSS Vulnerability");</script> into the query window and click on the 'Find results' button, it will pop up an alert window the the 'CSS Vulnerability' message. This works on all versions of Media wiki and the semantic extensions I have tried. Works in both Firefox and IE. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l