diff --git a/doc/security.mdwn b/doc/security.mdwn index fb211cd12..916bd0484 100644 --- a/doc/security.mdwn +++ b/doc/security.mdwn @@ -466,7 +466,7 @@ with the comments plugin enabled. ([[!cve CVE-2011-0428]]) ## possible javascript insertion via insufficient htmlscrubbing of alternate stylesheets -Tango noticed that 'meta stylesheet` directives allowed anyone +Giuseppe Bilotta noticed that 'meta stylesheet` directives allowed anyone who could upload a malicious stylesheet to a site to add it to a page as an alternate stylesheet, or replacing the default stylesheet.