Package: mediawiki
Severity: important
Tags: security upstream

The <cross-domain-policy> mangling in OutputHandler.php poses a
potentially severe security problem for API clients written in PHP, in
that format=php is affected. See the following URL for more details:

  https://phabricator.wikimedia.org/T73478

Cheers,

--Seb


-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to