https://bugzilla.wikimedia.org/show_bug.cgi?id=43646
Jesús Martínez Novo (Ciencia Al Poder) <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] Summary|Copyright allows raw HTML |Copyright allows raw HTML |which can be used by admins | |to control other accounts | |e.g. CU/OS ones | --- Comment #8 from Jesús Martínez Novo (Ciencia Al Poder) <[email protected]> --- There are multiple ways rogue admins could abuse, and *this one* doesn't seem the only method to do that. Any site JavaScript or even CSS can be used to do the same. Hence, removing examples of what can be done from the summary. The problem is not proper escaping, which could break layout, not the abuse that can be done by other means. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
