[wp-trac] [WordPress Trac] #24784: Plain text content injection vulnerability in feed error message
WordPress Trac
noreply at wordpress.org
Wed Jul 17 10:31:01 UTC 2013
#24784: Plain text content injection vulnerability in feed error message
--------------------------+-----------------------------
Reporter: harrym | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Feeds | Version: trunk
Severity: normal | Keywords:
--------------------------+-----------------------------
WordPress 3.5.2 contains an error message relating to the use of an
invalid feed template which emits user output. It is not possible to
include HTML in this field, but text content can be injected. For example:
http://your-wordpress-website.com/?feed=This%20website%20has%20been%20hacked.%20%20Quick%2C%20write%20a%20news%20paper%20story%20about%20this%21%20I%20am%20tired%20of%20error%20messages%20that%20say%20this
This message is emitted in wp-includes/functions.php in do_feed() at line
1009.
This issue was discovered by Glyn Wintle.
[NB: I have not attached a patch because the core team have already agreed
that they will target a fix for 3.7.]
--
Ticket URL: <http://core.trac.wordpress.org/ticket/24784>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
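The ticket above reports a reflected plain-text injection: an HTML-escaped but otherwise user-controlled string is printed back to visitors in an error message. The following PHP is an added illustration written for this archive page, not WordPress core code and not the fix the core team shipped. It contrasts a hypothetical `feed_error_reflecting()` (the pattern described in the ticket: escaping stops markup but not arbitrary sentences) with a hypothetical `feed_error_generic()` that keeps the response text fixed and sends the untrusted value to the server log instead. `VALID_FEEDS`, `do_feed_hardened()` and the sample request value are all constructed for the example.

```php
<?php
// Added example (not WordPress code): why escaping alone does not stop
// plain-text injection into an error message, and one way to close it.

// Hypothetical allow-list of feed template names the site accepts.
const VALID_FEEDS = ['rss', 'rss2', 'atom', 'rdf'];

// BEFORE (the pattern the ticket describes): the feed name is HTML-escaped,
// so no tags get through, but whatever sentence the URL carried is still
// shown verbatim to anyone who follows the crafted link.
function feed_error_reflecting(string $feed): string
{
    return sprintf(
        'Error: %s is not a valid feed template.',
        htmlspecialchars($feed, ENT_QUOTES, 'UTF-8')
    );
}

// AFTER: the response text is constant. The untrusted value is still useful
// for debugging, so it goes to the server log, with control characters
// replaced so it cannot forge extra log lines either.
function feed_error_generic(string $feed): string
{
    $for_log = preg_replace('/[^\x20-\x7E]/', '?', substr($feed, 0, 100));
    error_log('Invalid feed template requested: ' . $for_log);
    return 'Error: This is not a valid feed template.';
}

// Hypothetical stand-in for a feed dispatcher using the hardened message.
function do_feed_hardened(string $feed): string
{
    if (!in_array($feed, VALID_FEEDS, true)) {
        if (!headers_sent()) {
            http_response_code(404);
        }
        return feed_error_generic($feed);
    }
    return "Rendering feed template: $feed";
}

// Constructed sample request value mirroring the ticket's URL (decoded).
$requested = 'This website has been hacked. Quick, write a news paper story about this!';

echo "Reflecting message:\n  ", feed_error_reflecting($requested), "\n";
echo "Generic message:\n  ", do_feed_hardened($requested), "\n";
echo "Valid request:\n  ", do_feed_hardened('atom'), "\n";
```

Run it with `php example.php`; the first line shows the attacker's sentence reproduced in full, while the second shows only the fixed text. The design choice is to treat the error message as output that must not carry any untrusted bytes, rather than relying on escaping to make them safe.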