https://bugzilla.wikimedia.org/show_bug.cgi?id=69596
Michael M. <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected], | |[email protected] --- Comment #1 from Michael M. <[email protected]> --- A login widget could be easily spoofed by a malicious user script (while Special:Login is difficult to spoof). Bug 48931 was closed as WONTFIX for the possibility that an evil script could replace the links in Special:Preferences to change the password, which seems a more difficult attack to me than simulating a login widget and sending the entered password to a server under the attacker's control. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
