[wp-trac] Re: [WordPress Trac] #2953: XSS Vulnerability in the
WordPress Trac
wp-trac at lists.automattic.com
Fri Jul 14 18:41:35 GMT 2006
#2953: XSS Vulnerability in the 'post_tilte' parameter in wp-admin/page-new.php
while submitting thought the "Create New page" option
------------------------------------------+---------------------------------
Reporter: NRNandini | Owner: westi
Type: defect | Status: assigned
Priority: high | Milestone: 2.0.4
Component: Administration | Version: 2.0.3
Severity: critical | Resolution:
Keywords: bg|has-patch bg|dev-feedback |
------------------------------------------+---------------------------------
Comment (by ryan):
Admin users are allowed to put whatever they want in the title. They are
trusted.
--
Ticket URL: <http://trac.wordpress.org/ticket/2953>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list