Firstly, This task WILL be public after the checklist below is complete. If sharing information or comments, make it reasonable for public disclosure.
Steps that should be taken are:
- Remove the script.
- Contact those who made the script/bureaucrats and inform this is unacceptable.
- Wipe all user logins.
- Inform everyone with an account on the wiki that there data may have been compromised.
- Implement controls (CSP).
- Disclose publicly on Meta this.
Added to this ticket is all security, Void (reasonable and supporting) and the The Pioneer (reporter).