We are in the process of hosting a small community site and part of vulnerability scans, found these issues as below. Do you have any patches that I can run to avoid getting into issues of session cookie theft and other issues?
8 instances of this issue were identified, at the following locations:
- /load.php [modules parameter]
- /api.php [action parameter]
- /api.php [formatversion parameter]
- /api.php [iiprop parameter]
- /api.php [meta parameter]
- /api.php [name of an arbitrarily supplied URL parameter]
- /api.php [prop parameter]
- /api.php [titles parameter]