MediaWiki is a Web-based collaborative editing environment. Originally built for the online encyclopedia project Wikipedia, it's geared to support a large number of users and pages.
Information regarding Project Releases and Project Resources. Note that the information here is a quote from Freecode.com page, and the downloads themselves may not be hosted on OSDN.
An XSS injection vulnerability based on Microsoft
Internet Explorer's UTF-7 charset autodetection
was located in the AJAX support module, affecting
MSIE users on MediaWiki 1.6.x and up when the
optional setting $wgUseAjax is enabled. Minor
compatibility fixes for IIS and PostgreSQL are
also included.
Fixes were made for upgrading from older versions
and for running under certain configurations with
IIS. Shortcut key tooltips were corrected for
Opera on Mac and Firefox on Linux. An optional
DjVu metadata support security fix was made.
Compatibility fixes for Zend Optimizer and MySQL Strict Mode. safety checks for buggy 64-bit PHP installations. "Undo" edit patching mode. Password reset security has been improved. There are more flexible IP blocking options and many other improvements.
An XSS injection vulnerability was located in the Ajax support module, affecting MediaWiki 1.6.x and up when the optional $wgUseAjax setting is enabled. There is no danger in the default configuration, with $wgUseAjax off. If you are using an extension based on the optional Ajax module, either disable it or upgrade to a version containing the fix: 1.8.3, 1.7.2, 1.6.9, or 1.9.0rc2 release candidate.
