[wp-trac] Re: [WordPress Trac] #5998: Invalid Unicode characters
WordPress Trac
wp-trac at lists.automattic.com
Tue Jun 23 09:56:18 GMT 2009
#5998: Invalid Unicode characters
--------------------------+-------------------------------------------------
Reporter: shelleyp | Owner: hakre
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: 2.9
Component: Security | Version: 2.3.3
Severity: critical | Keywords: needs-patch reporter-feedback
--------------------------+-------------------------------------------------
Changes (by hakre):
* component: Charset => Security
* severity: normal => critical
Comment:
Looks like missing input validation for the comments. This leaves
WordPress open to encoding related attacks btw. The "Yellow Screen Of
Death" is a minor problem then.
Thanks for reporting and providing the information.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/5998#comment:10>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list