Debian Linux Security Advisory 2753-1 – It was discovered that in Mediawiki, a wiki engine, several API modules allowed anti-CSRF tokens to be accessed via JSONP. These tokens protect against cross site request forgeries and are confidential…. Debian Linux Security Advisory 2753-1 – It was discovered that in Mediawiki, a wiki engine, several API modules allowed anti-CSRF tokens to be accessed via JSONP. These tokens protect against cross site request forgeries and are confidential.

Read more http://packetstormsecurity.com/files/123220/dsa-2753-1.txt