Author: sorin.sbarnea
Description:
generateSitemap.php does use wfWikiID() in order to generate in sitemaps filenames.
This contains the name of the database and this is a security issue because it does make thename of the database (the name of the database could give some information about the server configuration).
My oppinion is that this should be removed or if somebody consider that it may be requred it can be crypted like: crypt(wfWikiID()).
Version: 1.16.x
Severity: enhancement