[Pkg-mediawiki-devel] Bug#772764: mediawiki: CVE-2014-9277

Sebastien Delafond seb at debian.org
Wed Dec 10 21:05:57 UTC 2014

Package: mediawiki
Severity: important
Tags: security upstream

The <cross-domain-policy> mangling in OutputHandler.php poses a
potentially severe security problem for API clients written in PHP, in
that format=php is affected. See the following URL for more details:




More information about the Pkg-mediawiki-devel mailing list