https://bugzilla.wikimedia.org/show_bug.cgi?id=25340
Jeroen De Dauw <jeroen_ded...@yahoo.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED --- Comment #2 from Jeroen De Dauw <jeroen_ded...@yahoo.com> 2010-09-29 22:44:18 UTC --- (In reply to comment #0) > If you enter: > > <script>alert("CSS Vulnerability");</script> > > into the query window and click on the 'Find results' button, it will pop up > an > alert window the the 'CSS Vulnerability' message. > > This works on all versions of Media wiki and the semantic extensions I have > tried. > Works in both Firefox and IE. It looks like this vulnerability has already been fixed. I can not reproduce it using the latest SMW. I'm not sure, but suspect I fixed it in 1.5. What version are you using? -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l