https://bugzilla.wikimedia.org/show_bug.cgi?id=62272

--- Comment #3 from Chris Steipp <cste...@wikimedia.org> ---
As it's written, it does a very poor job of security. They parameterize most of
their sql (except the one on 376, but hopefully bugzilla wouldn't have an extra
feature name that contained sql), so it probably won't take down the server.

They don't do any xss filtering, and rely and outputting text/plain content
type. So xss is only exploitable on ie6, iOS 6's Safari, or any other browser
that interprets scripts in text/plain.

It would probably be safe to deploy this if you could lock down access to only
their IP address (so xss wouldn't be an issue). But it certainly isn't
something I would feel comfortable having up and accessible on our servers.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

Reply via email to