Page MenuHomePhabricator
Create Task
Maniphest T65404

CSS hijack by inline style
Closed, InvalidPublic
Actions

Description

Author: jimmy

Description:
Whole page is white in wikipedia.

This line below will override page to white, and every user can do that easily.

<div style="width: 200%; height: 200%; top: -50%;left: -50%; position:absolute;background-color: #FFFFFF; z-index: 255;"></div>

This may duplicate with #35704 , but still leave this issue for track.

Version: unspecified
Severity: minor
Whiteboard: aklapper-moreinfo

Attached:

css-hijack-result.png (690×975 px, 12 KB)

Details

Reference
bz63404

Event Timeline

bzimport raised the priority of this task from to Needs Triage.Nov 22 2014, 3:06 AM
bzimport added a project: MediaWiki-Page-editing.
bzimport set Reference to bz63404.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Apr 2 2014, 7:01 AM
bzimport added a comment.Apr 2 2014, 7:02 AM

jimmy wrote:

Correct div attached below:

<div style="width: 200%; height: 200%; top: -50%;left: -50%; position:absolute;background-color: #FFFFFF; z-index: 255;"></div>

Aklapper added a comment.Apr 3 2014, 9:35 AM

Thanks for taking the time to report this!

Why do you think there is a bug in the MediaWiki software?

Jackmcbarn added a comment.Apr 3 2014, 6:31 PM

I see no bug here. It looks like someone just vandalized that page.

Aklapper added a comment.Apr 4 2014, 11:52 AM

Closing this ticket as per comment 3.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL