--- Comment #11 from Chris Steipp <cste...@wikimedia.org> ---
(In reply to comment #8)
> In my role as sysadmin at RationalWiki.org, I just upgraded it to 1.19.10 -
> thought I had - and Chris Davis' 'sploit link still runs the demo 'sploit for
> Looking at includes/XmlTypeCheck.php and includes/upload/UploadBase.php in
> RW installation, the patches in attachment 13916 [details] appear to be
> Should the demo 'sploit still work?
Yes, the patch prevents the upload, but existing files will still be there.
Grepping for "<?xml-stylesheet" in your images would identify any that have
previously come in.
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
Wikibugs-l mailing list