Incidents/2020-09-07 mobilefrontend-sec

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

document status: final

Summary

A stored XSS security issue was reported, affecting talk pages in MobileFrontend. It was patched in production the same day.

The issue and patch were publicly disclosed seven days later on 14 September, at T262213.

Actionables

(None)