[wp-trac] [WordPress Trac] #5475: [Allowed HTML tags] Textareas and
Inputs allowed
WordPress Trac
wp-trac at lists.automattic.com
Mon Dec 17 14:58:27 GMT 2007
#5475: [Allowed HTML tags] Textareas and Inputs allowed
---------------------+------------------------------------------------------
Reporter: Aen | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.3.2
Component: General | Version: 2.3.1
Severity: normal | Keywords:
---------------------+------------------------------------------------------
Tested on a default WP2.3.1 installation, with the default and a few other
themes. No commenting plugin installed. Just fresh and new.
Submitting <textarea> and <input> in comments, the actual html elements
show up. Ugly and probably a security risk?
You can see an example at http://aendir.com/woot/?p=1#comments
--
Ticket URL: <http://trac.wordpress.org/ticket/5475>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list