[wp-trac] Re: [WordPress Trac] #3973: XSRF,
XSS security hole for users with unfiltered_html capability
WordPress Trac
wp-trac at lists.automattic.com
Wed Mar 14 22:30:58 GMT 2007
#3973: XSRF,XSS security hole for users with unfiltered_html capability
--------------------------------------------------+-------------------------
Reporter: markjaquith | Owner: markjaquith
Type: defect | Status: new
Priority: highest omg bbq | Milestone: 2.0.10
Component: Security | Version: 2.1.2
Severity: critical | Resolution:
Keywords: comment nonce form security XSS XSRF |
--------------------------------------------------+-------------------------
Comment (by ryan):
Code looks good.
--
Ticket URL: <http://trac.wordpress.org/ticket/3973#comment:1>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list