[wp-trac] Re: [WordPress Trac] #3973: XSRF,
XSS security hole for users with unfiltered_html capability
WordPress Trac
wp-trac at lists.automattic.com
Fri Mar 16 05:17:22 GMT 2007
#3973: XSRF,XSS security hole for users with unfiltered_html capability
--------------------------------------------------+-------------------------
Reporter: markjaquith | Owner: markjaquith
Type: defect | Status: closed
Priority: highest omg bbq | Milestone: 2.0.10
Component: Security | Version: 2.1.2
Severity: critical | Resolution: fixed
Keywords: comment nonce form security XSS XSRF |
--------------------------------------------------+-------------------------
Comment (by charleshooper):
(off topic) Ah, gotta love twitter
--
Ticket URL: <http://trac.wordpress.org/ticket/3973#comment:6>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list