Thread:Project:Support desk/How to add custom CSS via LocalSettings.php (2)/reply (8)

Just revert back to 1.23.4. This security problem they "fixed" is a complete non-issue. If someone malicious is able to put code in your site CSS/JS, then your site is already compromised. Having the login and preferences pages not affected won't help anything.