Multichill created this task. Multichill added a subscriber: Multichill. Multichill added projects: Wikidata, MediaWiki-extensions-OAuthAuthentication, Security-General. Herald added a subscriber: Aklapper.
TASK DESCRIPTION We seem to have a security issue here in the Oauth implementation of Widar. I'm able to edit under some else his/her account see https://www.wikidata.org/w/index.php?title=Q22135494&type=revision&diff=293822691&oldid=293822124 for an example. I didn't do anything to compromise this other account, it just happened. This should be handled as a security incident. TASK DETAIL https://phabricator.wikimedia.org/T124224 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Multichill Cc: Aklapper, Multichill, Wikidata-bugs, aude, csteipp, Mbch331 _______________________________________________ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs