Jump to content

User:Mr. Stradivarius/XSS patrol

From Wikipedia, the free encyclopedia

These are pages that I have patrolled for cross-site scripting vulnerabilities. All the pages marked as vulnerable have since been fixed. I am mostly working through Wikipedia:User scripts/Most imported scripts, although I will check any scripts that happen to catch my eye.

Page Date patrolled Vulnerable Notes
User:Anomie/linkclassifier.js 2021-12-10 No
User:Bility/copySectionLink.js 2021-12-10 No
User:DannyS712/Cat links 1.js 2021-12-10 No
User:DannyS712/Cat links 2.js 2021-12-10 No
User:DannyS712/Cat links 3.js 2021-12-10 No
User:DannyS712/Cat links 3/CL helper.js 2021-12-10 No
User:DannyS712/Cat links.js 2021-12-10 No
User:DannyS712/copyvio-check.js 2021-12-06 Yes
User:Danski454/goToTop.js 2021-12-10 No
User:Enterprisey/copy-section-link.js 2021-12-10 Yes
User:Enterprisey/section-redir-note.js 2021-12-10 No
User:Enterprisey/watchlist-notice.js 2021-12-05 No
User:Evad37/duplinks-alt.js 2021-12-10 No
User:Evad37/livenotifications.js 2021-12-10 No
User:Fred Gandt/confirmLogout.js 2021-12-10 No
User:Gary/subjects age from year.js 2021-12-10 No
User:Guywan/Scripts/ConfirmLogout.js 2021-12-10 No
User:IagoQnsi/ipareader.js 2021-12-10 No
User:MusikAnimal/nightpedia.js 2021-12-10 No
User:N8wilson/AQFetcher.js 2021-12-10 No
User:Novem Linguae/Scripts/VisualEditorEverywhere.js 2021-12-09 No
User:P999/Toggle VF.js 2021-12-08 No
User:Slakr/sectionlinks.js 2021-12-10 Yes
User:The Voidwalker/alwaysEditSectionLink.js 2021-12-10 Yes
User:Titodutta/scripts/SearchHelper.js 2021-12-08 Yes
User:Writ Keeper/Scripts/deletionFinder.js 2021-12-10 No
User:Þjarkur/Highlight recently added text.js 2021-12-10 No
Mediawiki:Gadget-popups.js 2021-12-27 Yes Four separate vulnerabilities, each requiring non-default options
Mediawiki:Gadget-modrollback.js 2021-12-28 No
Mediawiki:Gadget-confirmationRollback-mobile.js 2021-12-28 No
Mediawiki:Gadget-removeAccessKeys.js 2021-12-28 No
Mediawiki:Gadget-searchFocus.js 2021-12-28 No
MediaWiki:Gadget-ReferenceTooltips.js 2022-01-02 No
MediaWiki:Common.js 2022-01-02 No
MediaWiki:Monobook.js 2022-01-03 No
MediaWiki:Group-user.js 2022-01-03 No
MediaWiki:Group-sysop.js 2022-01-03 No
MediaWiki:Gadget-formWizard-core.js 2022-01-03 Yes phab:T298481
MediaWiki:Gadget-geonotice-core.js 2022-01-08 No
MediaWiki:Gadget-watchlist-notice-core.js 2022-01-08 No
MediaWiki:Gadget-switcher.js 2022-01-08 No
User:BrandonXLF/UpdateNotifications.js 2022-01-12 No
User:BrandonXLF/PortletLinks.js 2022-01-12 No
User:Chlod/Scripts/GoToTitle.js 2022-01-12 No
User:Awesome Aasim/noeditredlinks.js 2022-01-12 No
User:Enterprisey/superjump.js 2022-01-12 No
MediaWiki:Gadget-script-installer-core.js 2022-02-07 Yes phab:T300743
User:Qwertyytrewqqwerty/DisamAssist.js 2022-02-12 No
es:Usuario:Qwertyytrewqqwerty/DisamAssist-core.js 2022-02-12 No Found an unescaped string, but it was not exploitable: phab:T301564
Retrieved from "https://en.wikipedia.org/w/index.php?title=User:Mr._Stradivarius/XSS_patrol&oldid=1071239933"