[wp-trac] Re: [WordPress Trac] #4344: Posting comments from external websites

WordPress Trac wp-trac at lists.automattic.com
Sun May 27 15:06:35 GMT 2007

#4344: Posting comments from external websites
 Reporter:  PsychoGun  |        Owner:  anonymous
     Type:  defect     |       Status:  closed   
 Priority:  high       |    Milestone:           
Component:  Security   |      Version:           
 Severity:  normal     |   Resolution:  invalid  
 Keywords:             |  
Changes (by westi):

  * status:  reopened => closed
  * resolution:  => invalid


 Replying to [comment:7 PsychoGun]:
 > You are stupid.
 > This report is not invalid and you should test my proof of concept
 before editing it. This vulnerability does work, and the only data which are
 really required are the "comment" and the "comment_post_ID".
 > WordPress just does not care if the "_wp_unfiltered_html_comment" is not
 sent; it does post the comment.
 > You should try my POC. I did it in all versions, and it works.

 I have tested your POC.

 The point is the comment may get posted _but_ the javascript is escaped
 and made safe, so you are unable to inject javascript into the blog.

 WordPress protects against this type of comment injection as I have described.
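The behaviour westi describes, as an added illustration that is not WordPress code and not part of the ticket: a submission carrying only "comment" and "comment_post_ID" is accepted, but its HTML is escaped unless a valid "_wp_unfiltered_html_comment" nonce is supplied by a user allowed to post raw HTML. The nonce construction, the secret and the capability flag are assumptions of this example, simplified from the real checks.

```python
import hashlib
import hmac
import html
from typing import Mapping, Optional

# Constructed secret for this example only; a real site would use its own salt.
SECRET = b"constructed-demo-secret"


def make_nonce(secret: bytes, action: str) -> str:
    """Derive a short per-action nonce (assumed scheme, not WordPress's)."""
    return hmac.new(secret, action.encode(), hashlib.sha256).hexdigest()[:10]


def nonce_valid(secret: bytes, action: str, supplied: Optional[str]) -> bool:
    if not supplied:
        return False
    return hmac.compare_digest(make_nonce(secret, action), supplied)


def process_comment(form: Mapping[str, str], secret: bytes,
                    user_can_unfiltered_html: bool = False) -> dict:
    """Accept a comment form; store it escaped unless raw HTML is authorised.

    Only 'comment' and 'comment_post_ID' are required, exactly as the report
    says: a missing nonce does not reject the comment, it only forces escaping.
    """
    if "comment" not in form or "comment_post_ID" not in form:
        raise ValueError("missing comment or comment_post_ID")
    post_id = int(form["comment_post_ID"])
    raw = form["comment"]
    action = f"unfiltered-html-comment_{post_id}"
    raw_html_allowed = user_can_unfiltered_html and nonce_valid(
        secret, action, form.get("_wp_unfiltered_html_comment"))
    # Without authorisation the comment is still posted, but every tag is
    # escaped so a <script> payload renders as text instead of executing.
    stored = raw if raw_html_allowed else html.escape(raw, quote=True)
    return {"post_id": post_id, "content": stored,
            "filtered": not raw_html_allowed}


if __name__ == "__main__":
    # Constructed submission mirroring the report: no nonce field at all.
    form = {"comment": "<script>alert(1)</script>", "comment_post_ID": "1"}
    print(process_comment(form, SECRET))
```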

Ticket URL: <http://trac.wordpress.org/ticket/4344#comment:11>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
