[wp-trac] Re: [WordPress Trac] #4689: Wordpress uploads.php
Cross-Site Scripting Vulnerability
WordPress Trac
wp-trac at lists.automattic.com
Tue Jul 31 20:44:10 GMT 2007
#4689: Wordpress uploads.php Cross-Site Scripting Vulnerability
-----------------------------+----------------------------------------------
Reporter: BenjaminFlesch | Owner: Nazgul
Type: enhancement | Status: assigned
Priority: highest omg bbq | Milestone: 2.2.2
Component: Security | Version: 2.2.1
Severity: critical | Resolution:
Keywords: has-patch |
-----------------------------+----------------------------------------------
Changes (by Nazgul):
* keywords: needs-patch => has-patch
* owner: anonymous => Nazgul
* status: new => assigned
Comment:
Patch puts the needed attribute_escape in place and also put one around
the nearby $post_id as an extra safeguard.
--
Ticket URL: <http://trac.wordpress.org/ticket/4689#comment:2>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list