-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Edward Z. Yang wrote:
See http://ha.ckers.org/blog/20070220/mediawiki-192-utf-7-xss/ for details. I'm sure we get these all the time, but since RSnake picked it up it probably will get a bit more publicity than normal. Has it been fixed on the trunk yet?
Haven't heard of it before now, so I'll take a look.
- -- brion vibber (brion @ pobox.com / brion @ wikimedia.org)