On 22/03/12 22:25, Ryan Lane wrote:
On Thu, Mar 22, 2012 at 2:14 PM, K. Peachey p858snake@gmail.com wrote:
On Fri, Mar 23, 2012 at 6:42 AM, Platonides Platonides@gmail.com wrote:
If you browse the internet from that computer when the wiki is accesible, it could be compromised.
No it's not.... Unless you are bindly making your local web server fowarded to the outside network.
It doesn't matter if your web server is accessibly from the outside network or not. If you are logged into your local wiki, and someone knows of its existence, they could attack you from another server outside of your network.
- Ryan
Exactly. You would need something like Mozilla bug 354493 fixed to be safe. https://bugzilla.mozilla.org/show_bug.cgi?id=354493
Or a webapp not vulnerable to CSRF, which is why we're sending out that fix. :)