[Wikidata-bugs] [Maniphest] T297570: XSS in Wikibase using formatter URL (CVE-2021-45472)

2021-12-24 Thread MoritzMuehlenhoff
MoritzMuehlenhoff renamed this task from "XSS in Wikibase using formatter URL" to "XSS in Wikibase using formatter URL (CVE-2021-45472)". TASK DETAIL https://phabricator.wikimedia.org/T297570 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Lucas_Werk

[Wikidata-bugs] [Maniphest] T297570: XSS in Wikibase using formatter URL

2021-12-23 Thread sbassett
sbassett added a parent task: Restricted Task. TASK DETAIL https://phabricator.wikimedia.org/T297570 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Lucas_Werkmeister_WMDE, sbassett Cc: Zabe, Bugreporter, hashar, Jakob_WMDE, noarave, toan, Rosalie_WMD

[Wikidata-bugs] [Maniphest] T297570: XSS in Wikibase using formatter URL

2021-12-21 Thread sbassett
sbassett closed this task as "Resolved". TASK DETAIL https://phabricator.wikimedia.org/T297570 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Lucas_Werkmeister_WMDE, sbassett Cc: Zabe, Bugreporter, hashar, Jakob_WMDE, noarave, toan, Rosalie_WMDE, ka

[Wikidata-bugs] [Maniphest] T297570: XSS in Wikibase using formatter URL

2021-12-17 Thread Maintenance_bot
Maintenance_bot removed a project: Patch-For-Review. TASK DETAIL https://phabricator.wikimedia.org/T297570 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Lucas_Werkmeister_WMDE, Maintenance_bot Cc: Zabe, Bugreporter, hashar, Jakob_WMDE, noarave, toan

[Wikidata-bugs] [Maniphest] T297570: XSS in Wikibase using formatter URL

2021-12-17 Thread gerritbot
gerritbot added a comment. Change 748073 **merged** by jenkins-bot: [mediawiki/extensions/Wikibase@REL1_36] SECURITY: Ignore formatter URLs with bad protocol https://gerrit.wikimedia.org/r/748073 TASK DETAIL https://phabricator.wikimedia.org/T297570 EMAIL PREFERENCES https://ph

[Wikidata-bugs] [Maniphest] T297570: XSS in Wikibase using formatter URL

2021-12-17 Thread gerritbot
gerritbot added a comment. Change 748072 **merged** by jenkins-bot: [mediawiki/extensions/Wikibase@REL1_37] SECURITY: Ignore formatter URLs with bad protocol https://gerrit.wikimedia.org/r/748072 TASK DETAIL https://phabricator.wikimedia.org/T297570 EMAIL PREFERENCES https://ph

[Wikidata-bugs] [Maniphest] T297570: XSS in Wikibase using formatter URL

2021-12-17 Thread gerritbot
gerritbot added a comment. Change 748073 had a related patch set uploaded (by Tobias Andersson; author: Lucas Werkmeister (WMDE)): [mediawiki/extensions/Wikibase@REL1_36] SECURITY: Ignore formatter URLs with bad protocol https://gerrit.wikimedia.org/r/748073 TASK DETAIL https://p

[Wikidata-bugs] [Maniphest] T297570: XSS in Wikibase using formatter URL

2021-12-17 Thread gerritbot
gerritbot added a project: Patch-For-Review. TASK DETAIL https://phabricator.wikimedia.org/T297570 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Lucas_Werkmeister_WMDE, gerritbot Cc: Zabe, Bugreporter, hashar, Jakob_WMDE, noarave, toan, Rosalie_WMDE

[Wikidata-bugs] [Maniphest] T297570: XSS in Wikibase using formatter URL

2021-12-17 Thread gerritbot
gerritbot added a comment. Change 748072 had a related patch set uploaded (by Tobias Andersson; author: Lucas Werkmeister (WMDE)): [mediawiki/extensions/Wikibase@REL1_37] SECURITY: Ignore formatter URLs with bad protocol https://gerrit.wikimedia.org/r/748072 TASK DETAIL https://p

[Wikidata-bugs] [Maniphest] T297570: XSS in Wikibase using formatter URL

2021-12-17 Thread WMDE-leszek
WMDE-leszek changed the visibility from "Custom Policy" to "Public (No Login Required)". WMDE-leszek changed the edit policy from "Custom Policy" to "All Users". TASK DETAIL https://phabricator.wikimedia.org/T297570 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpref