oss-sec mailing list archives

Re: (possible) CVE request: Clickjacking in Mediawiki

From: Josh Bressers <bressers () redhat com>
Date: Tue, 4 Jan 2011 13:27:09 -0500 (EST)

----- Original Message -----

Hi,

Mediawiki <= 1.16 is vulnerable to clickjacking when showing iframes
in a
wiki:

https://bugzilla.wikimedia.org/show_bug.cgi?id=26561

I don't know if this warrants a CVE ID, but if so please assign one.


Please use CVE-2011-0003

Thanks.

-- 
    JB

Current thread:

(possible) CVE request: Clickjacking in Mediawiki Jonathan Wiltshire (Jan 04)
- Re: (possible) CVE request: Clickjacking in Mediawiki Josh Bressers (Jan 04)