https://bugzilla.wikimedia.org/show_bug.cgi?id=22555

--- Comment #2 from Philippe Verdy <verd...@wanadoo.fr> 2010-10-10 10:32:23 UTC 
---
Note also that the Template documentation page above also demonstrates that
padleft: does not properly handle HTML character references (such as &nbsp; or
&#32;) found in this third parameter.

Exposing the "\x07UNIQ-...-nowiki-INUQ\x07" in the generated result may also
reveal some internal states of the wiki server (Is there a possible leakage of
secure information, allowing external attacks by revealing the value of the
unique id ?).

-- 
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are on the CC list for the bug.

_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

Reply via email to