[Foundation-l] Security holes in Mediawiki
Domas Mituzas
midom.lists at gmail.com
Tue Sep 15 17:57:25 UTC 2009
Hello Gregory,
> I was sort of surprised to learn today that Mediawiki software has
> had 37
> security holes identified:
Why would you be surprised? It is web software, that allows _most_
flexibility for its users, you can expect most problems because of
that, especially in XSS area.
On the other hand, most of those identified vulnerabilities are ones
published about _after_ they get fixed and releases delivered.
You should probably ask about actual vulnerabilities in other mailing
lists, but it would be even better, if you did some basic research
first. Posting walls of text to your blog and redirecting people there
isn't constructive.
And by the way, our site security is getting better and better, once
upon a time anyone could edit.
Domas
More information about the wikimedia-l
mailing list