[wp-trac] Re: [WordPress Trac] #3515: XSS through author's url in comments
WordPress Trac
wp-trac at lists.automattic.com
Tue Jan 2 18:16:34 GMT 2007
#3515: XSS through author's url in comments
-----------------------+----------------------------------------------------
 Reporter:  xknown     |       Owner:  anonymous
     Type:  defect     |      Status:  new
 Priority:  high       |   Milestone:  2.0.6
Component:  Security   |     Version:  2.0.5
 Severity:  major      |  Resolution:
 Keywords:  has-patch  |
-----------------------+----------------------------------------------------
Changes (by andy):
* keywords: => has-patch
Comment:
Attached proto.diff, which forces clean_url through wp_kses_bad_protocol
with the default protocol list. E.g. if "javascript:" is the protocol it
will return an empty string rather than a "sanitized" URL.
This can be applied to 2.0 and trunk.
--
Ticket URL: <http://trac.wordpress.org/ticket/3515#comment:2>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
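As an added illustration (not the attached proto.diff and not WordPress's own code), a small Python re-implementation of the behaviour the comment describes: a kses-style step that strips a scheme not on the allow-list, followed by a clean_url that returns an empty string whenever that step changed anything. The allow-list contents and the function names are assumptions.

```python
import re

# Illustrative allow-list of URL schemes; assumed here, not WordPress's own
# default protocol array.
DEFAULT_PROTOCOLS = frozenset(
    {"http", "https", "ftp", "ftps", "mailto", "news", "irc",
     "gopher", "nntp", "feed", "telnet"}
)

_WS_OR_CONTROL = re.compile(r"[\s\x00-\x1f\x7f]")


def strip_bad_protocol(url, allowed=DEFAULT_PROTOCOLS):
    """kses-style step: remove a leading scheme that is not on the allow-list.

    The text before the first ':' is taken as the scheme unless it already
    contains a path, query or fragment delimiter (then there is no scheme).
    Whitespace and control characters inside it are ignored when matching and
    the match is case-insensitive.  The loop repeats until nothing changes, so
    a stack of bad prefixes ("bad:bad:http://...") is removed completely.
    """
    while True:
        head, sep, tail = url.partition(":")
        if not sep or any(c in head for c in "/?#"):
            return url                      # no scheme at all
        scheme = _WS_OR_CONTROL.sub("", head).lower()
        if scheme in allowed:
            return url                      # allowed scheme, leave it alone
        url = tail                          # drop the bad scheme, re-check


def clean_url(url, allowed=DEFAULT_PROTOCOLS):
    """clean_url as the ticket comment describes it: an empty string for a
    disallowed scheme rather than a "sanitized" URL, otherwise the URL with
    surrounding whitespace and control characters removed."""
    normalised = re.sub(r"[\x00-\x1f\x7f]", "", url.strip())
    good = strip_bad_protocol(normalised, allowed)
    # Any difference means a scheme was stripped: refuse the whole value
    # instead of handing back the remainder.
    return good if good.lower() == normalised.lower() else ""


if __name__ == "__main__":
    # Constructed sample inputs, not values from the ticket.
    for sample in ("http://example.com/", "javascript:void(0)",
                   "JavaScript:void(0)", "/relative?next=http://x",
                   "mailto:user@example.com"):
        print(repr(sample), "->", repr(clean_url(sample)))
```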