Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T30507, the corresponding Phabricator task for complete and up-to-date bug report information.

Bug 28507 - XSS: Incorrect patch for bug 28235

Summary:	XSS: Incorrect patch for bug 28235

Status: RESOLVED FIXED Product: MediaWiki Classification: Unclassified Component: General/Unknown (Other open bugs) Version: 1.16.x Hardware: All All Importance: Normal normal (vote) Target Milestone: --- Assigned To: Nobody - You can work on this! URL: http://www.mediawiki.org/w/api%2Ephp?... Whiteboard: Keywords: Depends on: Blocks:   Show dependency tree / graph		Reported: 2011-04-12 07:46 UTC by Masato Kinugawa Modified: 2012-04-12 13:54 UTC (History) CC List: 5 users (show) EN.WP.ST47 innocentkiller Platonides roan.kattouw tstarling See Also: Web browser: --- Mobile Platform: --- Assignee Huggle Beta Tester: ---

Attachments Add an attachment (proposed patch, testcase, etc.)

Description Masato Kinugawa 2011-04-12 07:46:17 UTC bug 28235's patch is still vulnerable. http://www.mediawiki.org/w/api%2Ephp?action=query&meta=siteinfo&format=json&siprop=%3Cbody%20onload=alert(1)%3E.html? Comment 1 Tim Starling 2011-04-14 07:19:10 UTC Thanks for that, another fix will be released in 1.16.4. I had Roan Kattouw help me review and test the patch this time, so hopefully we've got it nailed down. Comment 2 Dan Collins 2011-07-17 04:57:55 UTC No XSS when I click the link, so it works in 1.17-wmfwhatever. Closing fixed by Tim.