https://bugzilla.wikimedia.org/show_bug.cgi?id=40965
Platonides <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #2 from Platonides <[email protected]> 2012-10-12 19:29:38 UTC --- You are on an untrusted network, so you only login in https, but as the wiki then loads http://freegeoip.net/json/?callback=mw.uls.setGeo in http, the attacker replaces the answer and runs arbitrary javascript in your browser... -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
