[wp-trac] Re: [WordPress Trac] #7220: Press This vulnerabilities
WordPress Trac
wp-trac at lists.automattic.com
Wed Jul 2 04:04:14 GMT 2008
#7220: Press This vulnerabilities
----------------------+-----------------------------------------------------
Reporter: xknown | Owner: noel
Type: defect | Status: new
Priority: normal | Milestone: 2.6
Component: Security | Version: 2.6
Severity: normal | Resolution:
Keywords: |
----------------------+-----------------------------------------------------
Comment (by xknown):
Take a look at `photo_images`, the pattern to retrieve images should be
more restrictive or the result of that action should be urlencoded. For
example, if a page contains the following text it makes WP vulnerable:
{{{
<img src="demo<script>alert(document.cookie)</script>">
}}}
--
Ticket URL: <http://trac.wordpress.org/ticket/7220#comment:4>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
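
The two mitigations named in the comment above (a stricter image pattern, or encoding the result), shown side by side. This is an added example and not WordPress code: the function names and both patterns are hypothetical, the sample markup is constructed, and the output context is assumed to be an HTML attribute.

```php
<?php
// Added example; function names are hypothetical and this is not WordPress code.

// Constructed sample of fetched page markup, including the ticket's test string.
$html = '<img src="http://example.com/a.jpg">'
      . '<img src="demo<script>alert(document.cookie)</script>">'
      . '<img src="https://example.com/pics/b.png?x=1">';

// Permissive: captures whatever sits between the quotes, markup included.
function extract_src_permissive(string $html): array {
    preg_match_all('~<img\s[^>]*?\bsrc="([^"]*)"~i', $html, $m);
    return $m[1];
}

// Restrictive: only absolute http(s) URLs with no quotes, angle brackets or whitespace.
function extract_src_restrictive(string $html): array {
    preg_match_all('~<img\s[^>]*?\bsrc="(https?://[^"\'<>\s]+)"~i', $html, $m);
    return $m[1];
}

// Encode for the context the value is written into (assumed here: an HTML attribute).
function render_img(string $src): string {
    return '<img src="' . htmlspecialchars($src, ENT_QUOTES, 'UTF-8') . '">';
}

// Permissive extraction returns all three values; the second one carries markup.
foreach (extract_src_permissive($html) as $src) {
    echo "permissive, raw:     <img src=\"$src\">\n";   // markup reaches the page as-is
    echo "permissive, encoded: " . render_img($src) . "\n"; // < and > become entities
}

// Restrictive extraction drops the second value before it is ever rendered.
foreach (extract_src_restrictive($html) as $src) {
    echo "restrictive:         " . render_img($src) . "\n";
}
```

The restrictive pattern and the output encoding are independent controls; applying both means a value that slips past the pattern is still inert when written into the page.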