[wp-trac] Re: [WordPress Trac] #3986: XSS in wp_nonce_ays

WordPress Trac wp-trac at lists.automattic.com
Sat Mar 17 08:34:59 GMT 2007


#3986: XSS in wp_nonce_ays
-----------------------------+----------------------------------------------
 Reporter:  xknown           |        Owner:  anonymous
     Type:  defect           |       Status:  new      
 Priority:  highest omg bbq  |    Milestone:  2.1.3    
Component:  Security         |      Version:  2.1.2    
 Severity:  normal           |   Resolution:           
 Keywords:  has-patch        |  
-----------------------------+----------------------------------------------
Changes (by Nazgul):

  * priority:  low => highest omg bbq
  * keywords:  => has-patch

Comment:

 The given PoC didn't work for me out of the box, but with some fiddling I
 got it to work.

 2.0.x, 2.1.x and trunk are all vulnerable.

 The given patch takes the sting out of the attack in my tests.

 Also please note that the attached patch was made from the wp-includes
 directory and not from the root.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/3986#comment:1>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software