Difference between revisions of "Template:Code injection alert"
Jump to navigation
Jump to search
Template documentation[create]
Template documentation
Template documentation[create]
Joelmartin (talk | contribs) m (Text replacement - "</translate>" to "") |
Joelmartin (talk | contribs) m (Text replacement - "<!--T:(.*)-->" to "") |
||
| Line 4: | Line 4: | ||
| = | | = | ||
{{Security alert | {{Security alert | ||
| − | |problem={{{problem| | + | |problem={{{problem| Vulnerable to '''[[w:Code injection|code injection]] attacks'''. This may lead to '''compromisation of your entire wiki''', '''severe data loss''', '''malware being injected''', and '''other parts of your server being compromised''', among other things.}}} |
| − | |solution={{{solution| | + | |solution={{{solution| [[w:Code injection|avoid the use of things like eval(), create_function(), and /e]]}}} |
|signed={{{signed|{{{1||}}}}}} | |signed={{{signed|{{{1||}}}}}} | ||
|nocat=1 | |nocat=1 | ||
Revision as of 14:32, 21 December 2019
Template documentation[create] Template documentation- Description
- Adds an alert box describing a code injection vulnerability in including Extension page. Also adds including page to Category:Extensions with code injection vulnerabilities
- If your extension was tagged with this template please read
- For extension developers and extension users: en:Code injection
- Specifically for extension developers: Security for developers
- Example
{{Code injection alert|~~~~}}
- Creates
Template documentation[create]