Author: sam
Description:
The [cache:...] construct is used as a shortcut to Google's cache. This can be
useful, but
since the link is not displayed as an external link, the user can be mislead
into clicking
harmful links if he/she does not check the URL in the browser's status bar.
Even worse, [cache:...] can be combined with #REDIRECT and lead the user to
virtually any
page, with the URL appearing totally harmless. The attached URL illustrates
this. Also,
putting things like #REDIRECT [cache:doom3.zoy.org] in a page can also be used
to abuse
Javascript and crash browsers. It can probably be used for phishing.
Proposed fix: remove 'Cache' from maintenance/interwiki.sql .
Version: 1.3.x
Severity: critical
URL: http://fr.wikipedia.org/User:Sam Hocevar/goatse