[wp-trac] [WordPress Trac] #24907: Escape admin_url() when used for ajax_url in admin header
WordPress Trac
noreply at wordpress.org
Sun Jan 20 20:40:11 UTC 2019
#24907: Escape admin_url() when used for ajax_url in admin header
-------------------------------------+-----------------------
Reporter: jeremyfelt | Owner: (none)
Type: defect (bug) | Status: reopened
Priority: normal | Milestone:
Component: Security | Version: 2.7
Severity: normal | Resolution:
Keywords: has-patch needs-testing | Focuses:
-------------------------------------+-----------------------
Changes (by iandunn):
* status: closed => reopened
* resolution: wontfix =>
Comment:
Reopening being this still seems like useful hardening.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/24907#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list