[wp-trac] [WordPress Trac] #9917: SECURITY VULNERABILITY
WordPress Trac
wp-trac at lists.automattic.com
Sat May 23 19:17:55 GMT 2009
#9917: SECURITY VULNERABILITY
-----------------------------+----------------------------------------------
Reporter: epicreviews | Owner:
Type: defect (bug) | Status: new
Priority: highest omg bbq | Milestone: Unassigned
Component: General | Version: 2.7.1
Severity: critical | Keywords:
-----------------------------+----------------------------------------------
Comments have a huge vulnerability.
{{{
<script language="javascript">alert('Security');</script>
}}}
This set off a problem when someone was testing for me.
Anything that uses JavaScript does it.
htmlentities would protect it.
This totally screwed up my categories with just a test.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/9917>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
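
The output escaping the reporter suggests, shown as an added example that is not part of the original ticket and is not WordPress code: a hypothetical renderer that prints untrusted comment text raw, beside one that encodes it with `htmlentities()` at output time. The function names and the second sample comment are constructed for illustration.

```php
<?php
// Added illustration; not WordPress code. All function names are hypothetical.

// Unsafe: untrusted comment text is placed into the HTML as-is, so any
// markup it contains is interpreted by the browser.
function render_comment_raw(string $author, string $text): string
{
    return "<li><cite>$author</cite><p>$text</p></li>";
}

// Encode at output time for an HTML body or quoted-attribute context.
// ENT_QUOTES encodes both quote characters; ENT_SUBSTITUTE replaces invalid
// byte sequences instead of making the function return an empty string.
function esc(string $value): string
{
    return htmlentities($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Safer: every untrusted field is encoded; line breaks are added only
// after encoding so the <br> tags themselves are not escaped.
function render_comment_escaped(string $author, string $text): string
{
    return '<li><cite>' . esc($author) . '</cite><p>' . nl2br(esc($text)) . '</p></li>';
}

// Sample comments: the first is the test string from the ticket,
// the second is constructed to show that ordinary text stays readable.
$comments = [
    ['tester', "<script language=\"javascript\">alert('Security');</script>"],
    ['reader', "Nice post!\n1 < 2 & \"quotes\" are kept readable."],
];

foreach ($comments as [$author, $text]) {
    $raw  = render_comment_raw($author, $text);
    $safe = render_comment_escaped($author, $text);

    // A live <script> element survives only in the raw rendering.
    printf("raw has <script>:     %s\n", stripos($raw, '<script') !== false ? 'yes' : 'no');
    printf("escaped has <script>: %s\n", stripos($safe, '<script') !== false ? 'yes' : 'no');
    echo $safe, "\n\n";
}
```

Encoding belongs at the point of output and must match the context: this form covers HTML body text and quoted attribute values, not values placed inside `<script>` blocks, URLs or CSS.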