Fix typo: s/insertation/insertion/g

diff --git a/doc/security.mdwn b/doc/security.mdwn
index 52d9d3dc0c4ee820a3a40ae79e7a5f16ad925999..770927e26d1f5b607953132f77ae5ebed6004c05 100644 (file)
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -441,7 +441,7 @@ A fix was also backported to Debian etch, as version 2.53.5. I recommend
 upgrading to one of these versions if your wiki can be edited by third
 parties.
 
 upgrading to one of these versions if your wiki can be edited by third
 parties.
 

-## javascript insertation via insufficient htmlscrubbing of comments
+## javascript insertion via insufficient htmlscrubbing of comments

 
 Kevin Riggle noticed that it was not possible to configure
 `htmlscrubber_skip` to scrub comments while leaving unscubbed the text
 
 Kevin Riggle noticed that it was not possible to configure
 `htmlscrubber_skip` to scrub comments while leaving unscubbed the text


@@ -454,7 +454,7 @@ preview or moderation of comments with such a configuration.
 These problems were discovered on 12 November 2010 and fixed the same
 hour with the release of ikiwiki 3.20101112. ([[!cve CVE-2010-1673]])
 
 These problems were discovered on 12 November 2010 and fixed the same
 hour with the release of ikiwiki 3.20101112. ([[!cve CVE-2010-1673]])
 

-## javascript insertation via insufficient checking in comments
+## javascript insertion via insufficient checking in comments

 
 Dave B noticed that attempting to comment on an illegal page name could be
 used for an XSS attack.
 
 Dave B noticed that attempting to comment on an illegal page name could be
 used for an XSS attack.