Incident documentation/20200907-mobilefrontend-sec

From Wikitech
Jump to navigation Jump to search

document status: final

Summary

A stored XSS security issue was reported, affecting talk pages in MobileFrontend. It was patched in production the same day.

The issue and patch were publicly disclosed seven days later on 14 September, at T262213.

Actionables

(None)