[wp-trac] Re: [WordPress Trac] #3973: XSRF, XSS security hole for users with unfiltered_html capability
WordPress Trac
wp-trac at lists.automattic.com
Thu Mar 15 00:28:28 GMT 2007
#3973: XSRF,XSS security hole for users with unfiltered_html capability
--------------------------------------------------+-------------------------
Reporter: markjaquith | Owner: markjaquith
Type: defect | Status: closed
Priority: highest omg bbq | Milestone: 2.0.10
Component: Security | Version: 2.1.2
Severity: critical | Resolution: fixed
Keywords: comment nonce form security XSS XSRF |
--------------------------------------------------+-------------------------
Comment (by technosailor):
Reviewing per Ryan on Twitter. (the new mode of communication)... :-)
Looks good here too.
--
Ticket URL: <http://trac.wordpress.org/ticket/3973#comment:5>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software