[wp-trac] [WordPress Trac] #34812: XSS bug in add new post
WordPress Trac
noreply at wordpress.org
Sat Nov 28 15:47:43 UTC 2015
#34812: XSS bug in add new post
-------------------------------+----------------------
Reporter: emadshanab | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Posts, Post Types | Version:
Severity: normal | Resolution: invalid
Keywords: | Focuses:
-------------------------------+----------------------
Changes (by ocean90):
* status: new => closed
* severity: critical => normal
* component: Post Formats => Posts, Post Types
* version: 4.3.1 =>
* milestone: Awaiting Review =>
* resolution: => invalid
Comment:
When you opened this ticket you must have seen a large warning message
stating that security reports are not to be reported here, and checked a
checkbox to confirm that you weren't reporting a security issue.
> Do not report potential security vulnerabilities here.
> See the [https://make.wordpress.org/core/handbook/reporting-security-
vulnerabilities/ Security FAQ] and contact `security at wordpress.org`.
Anyway, your report is invalid, please read
https://make.wordpress.org/core/handbook/testing/reporting-security-
vulnerabilities/#why-are-some-users-allowed-to-post-unfiltered-html.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/34812#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list