[wp-trac] [WordPress Trac] #17400: Disable JavaScript in Comments

WordPress Trac wp-trac at lists.automattic.com
Thu May 12 16:16:35 UTC 2011


#17400: Disable JavaScript in Comments
--------------------------+------------------------------
 Reporter:  Kuzmanov      |       Owner:
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Comments      |     Version:  3.2
 Severity:  normal        |  Resolution:
 Keywords:                |
--------------------------+------------------------------

Comment (by Kuzmanov):

 Only when I'm logged in as an admin. As I see no one can put <script> in
 comments in WordPress 3.1.2, that's why I'm reporting this. It's not
 'very' safe when someone can use <script> in the comments, even it's an
 admin user.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/17400#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list