[wp-trac] Re: [WordPress Trac] #3592: Links added in RTE with double-quotes fail to validate
WordPress Trac
wp-trac at lists.automattic.com
Wed Jan 17 19:51:36 GMT 2007
#3592: Links added in RTE with double-quotes fail to validate
-------------------------------+--------------------------------------------
  Reporter:  irayo              |       Owner:  markjaquith
      Type:  defect             |      Status:  assigned
  Priority:  low                |   Milestone:  2.2
 Component:  General            |     Version:  2.0.7
  Severity:  minor              |  Resolution:
  Keywords:  reporter-feedback  |
-------------------------------+--------------------------------------------
Changes (by markjaquith):
 * status: new => assigned
 * owner: anonymous => markjaquith
 * summary: Links with double-quotes fail to validate => Links added in RTE with double-quotes fail to validate
Comment:
Note that XSS exploits that require access to an account with
{{{unfiltered_html}}} capabilities are not considered valid exploits.
That's just an abuse of trust by a privileged user. In order to properly
test for a vulnerability, use an "Author" account to attempt the exploit.

The fix needed here is to entity-encode the href and title fields when
inserted via the RTE, to prevent {{{unfiltered_html}}}-capable RTE users
from generating invalid HTML.

This is also valid for trunk. Possible candidate for 2.1 inclusion, but
let's see the patch first (I'll take a stab now).
--
Ticket URL: <http://trac.wordpress.org/ticket/3592#comment:5>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
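As an added illustration of the fix the comment describes (this is not WordPress or TinyMCE code; the helper names and the sample URL and title are assumptions), the following builds a link from values containing double quotes, once with the raw values and once with the href and title entity-encoded, and checks each result for the broken-attribute symptom in the ticket.

```javascript
// Added example, not WordPress or TinyMCE code. Shows why a double quote in
// an href or title breaks the <a> tag and how entity-encoding fixes it.

// Entity-encode a value for use inside a double-quoted HTML attribute.
// '&' goes first so the other replacements are not double-encoded.
function encodeAttr(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;');
}

// Pre-fix behaviour described in the ticket: raw values dropped into the tag.
function buildLinkUnencoded(href, title, text) {
  return '<a href="' + href + '" title="' + title + '">' + text + '</a>';
}

// Fixed behaviour: href and title are entity-encoded before insertion.
function buildLinkEncoded(href, title, text) {
  return '<a href="' + encodeAttr(href) + '" title="' + encodeAttr(title) +
    '">' + text + '</a>';
}

// Validity check for this ticket's symptom: the opening tag must consist of
// well-formed, double-quoted attributes with nothing stray before the '>'.
function attributesWellFormed(tag) {
  return /^<a(?:\s+[a-z]+="[^"]*")*\s*>/i.test(tag);
}

// Constructed sample input: a URL and a title that both contain double quotes.
const sampleHref = 'http://example.com/?q="x"';
const sampleTitle = 'a "b"';

console.log(buildLinkUnencoded(sampleHref, sampleTitle, 'link'));
// <a href="http://example.com/?q="x"" title="a "b"">link</a>   (invalid)
console.log(buildLinkEncoded(sampleHref, sampleTitle, 'link'));
// <a href="http://example.com/?q=&quot;x&quot;" title="a &quot;b&quot;">link</a>
console.log(attributesWellFormed(buildLinkUnencoded(sampleHref, sampleTitle, 'link')),
            attributesWellFormed(buildLinkEncoded(sampleHref, sampleTitle, 'link')));
// false true
```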