Hi All,
There is a Cross-Site-Scripting arbitrary JavaScript execution and HTML insertion vulnerability in MediaWiki.
This is achieved by injecting malicious data into a specific value which is not sanitized / escaped before being echoed back to the user's browser.
The vulnerability affects current SVN, MediaWiki 1.6.6 (current stable), as well as the live Wikipedia.
No extensions need to be installed.
Details have been provided to security@wikimedia.org as per the instructions at: http://www.mediawiki.org/wiki/Security , and will be withheld for a period, before being made publicly available at: http://nickj.org/MediaWiki
All the best,
Nick.
wikitech-l@lists.wikimedia.org