https://bugzilla.wikimedia.org/show_bug.cgi?id=25340
[email protected] changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED | --- Comment #6 from [email protected] 2010-11-01 15:00:04 UTC --- We've found the same vulnerability in the 'default' input field on the ask screen. To Replicate: Go to: http://semantic-mediawiki.org/wiki/Special:Ask and enter: '><script>alert("CSS Vulnerability");</script> in the mainlabel, intro, outro, or default input fields. They all allow the script to execute when the results are returned. Dave -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
