[wp-trac] Re: [WordPress Trac] #7211: Common mod_security rules, conflicts with media uploader

WordPress Trac wp-trac at lists.automattic.com
Tue Jul 1 08:09:38 GMT 2008


#7211: Common mod_security rules, conflicts with media uploader
-----------------------------------------------+----------------------------
 Reporter:  pishmishy                          |        Owner:  pishmishy
     Type:  defect                             |       Status:  assigned 
 Priority:  high                               |    Milestone:  2.7      
Component:  Administration                     |      Version:  2.5.1    
 Severity:  normal                             |   Resolution:           
 Keywords:  mod_security apache mediauploader  |  
-----------------------------------------------+----------------------------
Comment (by pishmishy):

 I think that the uploader may be trying to put the image into a strange
 location. After attempting to upload the image it thinks the thumbnail is
 in http://www.theblog.org.uk/tmp but puts the LINK URL as
 {{{
 http://www.theblog.org.uk/blog/../../../../../../../../../../../../../../../../../tmp/lolcat4.jpg
 }}}

-- 
Ticket URL: <http://trac.wordpress.org/ticket/7211#comment:8>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list