Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 4 Jan 2011 12:20:18 +0000
From: Jonathan Wiltshire <jmw@...ian.org>
To: oss-security@...ts.openwall.com
Subject: (possible) CVE request: Clickjacking in Mediawiki

Hi,

Mediawiki <= 1.16 is vulnerable to clickjacking when showing iframes in a
wiki:

https://bugzilla.wikimedia.org/show_bug.cgi?id=26561

I don't know if this warrants a CVE ID, but if so please assign one.

(please CC me on replies, TIA)

Thanks,

-- 
Jonathan Wiltshire                                      jmw@...ian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ