Last modified: 2012-12-13 11:21:41 UTC
The way that you're passing in a function to insertDefaultSites in Utils.php makes a security evaluation difficult. I'm not sure what your intent was behind that syntax, but it would be better to either have a whitelist of function names, or possibly use the builtin debugging functions if you're only trying to get debugging information.
Fixed by Tim Starling in I394c33f3ef06d09bae32fa875a33c93b3131daed
Verified in Wikidata demo time for sprint 18