2009/9/16 Aryeh Gregor <Simetrical+wikilist(a)gmail.com>om>:
It should be noted, though, that actual demonstrated
risk is probably
more important to users than theoretical patch response times. For
whatever reason, attacks on MediaWiki seem to be comparatively rare.
I would be interested in hearing of any real-world attacks anyone
knows of -- there must have been *some*, but I've never heard of one.
There was a whacky one a few years ago where one user could spoof
another user's IP as far as MediaWiki was concerned, i.e. so that
edits by the first users would be attributed in the database as
belonging to the second user. I believe that was fixed quick-smart ...
- d.