[wp-meta] [Making WordPress.org] #3825: Wrong data validation added for home_url in WordCamp feed page template
Making WordPress.org
noreply at wordpress.org
Sat Sep 22 12:04:03 UTC 2018
#3825: Wrong data validation added for home_url in WordCamp feed page template
-------------------------------------+-----------------------
Reporter: mukesh27 | Owner: (none)
Type: defect | Status: assigned
Priority: low | Milestone:
Component: WordCamp Site & Plugins | Resolution:
Keywords: has-patch |
-------------------------------------+-----------------------
Changes (by iandunn):
* keywords: has-patch dev-feedback => has-patch
* priority: high => low
* status: new => assigned
Comment:
The patches from #3829 and #3830 should be added to this one.
Marking as `low` priority because this suggestion is correct, but the
current code
[https://developer.wordpress.org/reference/functions/esc_attr/#comment-2459
is not a security issue], and doesn't cause any real-world problems that
I'm aware of.
( If anyone does think there's a security issue, please don't say anything
here. Instead, report that to [https://hackerone.com/wordpress our
HackerOne program]. )
--
Ticket URL: <https://meta.trac.wordpress.org/ticket/3825#comment:3>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org
More information about the wp-meta
mailing list