Download
| Alert*
DSA-2753-1 mediawiki -- information leak
It was discovered that in Mediawiki, a wiki engine, several API modules allowed anti-CSRF tokens to be accessed via JSONP. These tokens protect against cross site request forgeries and are confidential.
|