First of all, I hope that you can forward it off to wikitech, but it
seems that a malicious user at Wikibooks used their user JS to do
some page move vandalism (see [[b:en:User:Vandel Damon/monobook.js]]
for the JS in question). It's not much of a security loophole as it
is undesirable for the wiki community, seeing that a lot of people
would have to undo a lot of page moves.
If there was some way in the back end to prevent this, it would be
appreciated.