diff options
Diffstat (limited to 'doc/security.mdwn')
-rw-r--r-- | doc/security.mdwn | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/security.mdwn b/doc/security.mdwn index fb211cd12..916bd0484 100644 --- a/doc/security.mdwn +++ b/doc/security.mdwn @@ -466,7 +466,7 @@ with the comments plugin enabled. ([[!cve CVE-2011-0428]]) ## possible javascript insertion via insufficient htmlscrubbing of alternate stylesheets -Tango noticed that 'meta stylesheet` directives allowed anyone +Giuseppe Bilotta noticed that 'meta stylesheet` directives allowed anyone who could upload a malicious stylesheet to a site to add it to a page as an alternate stylesheet, or replacing the default stylesheet. |