-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Edward Z. Yang wrote:
See
http://ha.ckers.org/blog/20070220/mediawiki-192-utf-7-xss/ for
details. I'm sure we get these all the time, but since RSnake picked it
up it probably will get a bit more publicity than normal. Has it been
fixed on the trunk yet?
Haven't heard of it before now, so I'll take a look.
- -- brion vibber (brion @
pobox.com / brion @
wikimedia.org)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (Darwin)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org
iD8DBQFF240iwRnhpk1wk44RAjJkAJ9yWGlPYZwlaGBOkRDVnet0cndEvwCgm15L
jVw7wurt7fHgswlC2N8uUEA=
=bIrs
-----END PGP SIGNATURE-----