Mandriva Linux Security Advisory 2013-290 - Kevin Israel identified and reported two vectors for injecting Javascript in CSS that bypassed MediaWiki's blacklist. Internal review while debugging a site issue discovered that MediaWiki and the CentralNotice extension were incorrectly setting cache headers when a user was autocreated, causing the user's session cookies to be cached, and returned to other users.
a043d15db222d711988b06beb8a88a68fdc48afb69eb8a49a4920d9ea05e5bc0