A critical vulnerability that allowed remote code execution was recently fixed in the software Mediawiki used by wiki pages. Thousands of Wiki websites together and WikiPedia was affected by this security error.
Security researchers from Checkpoint identified this vulnerability (CVE-2014-1610), and found that it affects all versions of software, starting with version 1.8. Web pages are only vulnerable if a certain non-default setting is enabled.
In accordance with security advisory, an attacker who could exploit this vulnerability could cause changes to files and the system and gain complete server control.
Η Checkpoint ανέφερε ότι ένας εισβολέας θα μπορούσε να κάνει injection maliciousu code on every page of WikiPedia.org something could setat risk millions of users of the site.
Checkpoint immediately informed the Wikimedia Foundation about the bug. So pJanuary 28, the foundation released patch for this bug.
