oss-sec mailing list archives

(possible) CVE request: Clickjacking in Mediawiki

From: Jonathan Wiltshire <jmw () debian org>
Date: Tue, 4 Jan 2011 12:20:18 +0000

Hi,

Mediawiki <= 1.16 is vulnerable to clickjacking when showing iframes in a
wiki:

https://bugzilla.wikimedia.org/show_bug.cgi?id=26561

I don't know if this warrants a CVE ID, but if so please assign one.

(please CC me on replies, TIA)

Thanks,

-- 
Jonathan Wiltshire                                      jmw () debian org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

Attachment: signature.asc
Description: Digital signature

Current thread:

(possible) CVE request: Clickjacking in Mediawiki Jonathan Wiltshire (Jan 04)
- Re: (possible) CVE request: Clickjacking in Mediawiki Josh Bressers (Jan 04)