| Description: | It was discovered that mediawiki, a website engine for collaborative work, is vulnerable to a Cross-Site Request Forgery login attack, which could be used to conduct phishing or similar attacks to users via affected mediawiki installations. Note that the fix used breaks the login API and may require clients using it to be updated. For the stable distribution, this problem has been fixed in version 1:1.12.0-2lenny5. For the testing distribution and the unstable distribution , this problem has been fixed in version 1:1.15.3-1. We recommend that you upgrade your mediawiki packages. |