[wp-trac] [WordPress Trac] #11775: in ms-edit.php, illegal_names gets updated without the slightest validation
WordPress Trac
wp-trac at lists.automattic.com
Wed Jan 6 18:54:02 UTC 2010
#11775: in ms-edit.php, illegal_names gets updated without the slightest validation
-------------------------------+--------------------------------------------
Reporter: Denis-de-Bernardy | Owner: ryan
Type: defect (bug) | Status: new
Priority: normal | Milestone: 3.0
Component: Security | Version: 3.0
Severity: normal | Keywords:
-------------------------------+--------------------------------------------
it just goes:
{{{
$illegal_names = split( ' ', $_POST['illegal_names'] );
foreach( (array) $illegal_names as $name ) {
$name = trim( $name );
if( $name != '' )
$names[] = trim( $name );
}
update_site_option( "illegal_names", $names );
}}}
aren't we missing at least some sanitization here?
also, $names should be initialized to array()
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11775>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list