[wp-trac] [WordPress Trac] #8767: Refactored filters to avoid
potential XSS attacks
WordPress Trac
wp-trac at lists.automattic.com
Wed Dec 31 11:55:00 GMT 2008
#8767: Refactored filters to avoid potential XSS attacks
--------------------------+-------------------------------------------------
Reporter: sambauers | Owner: ryan
Type: defect (bug) | Status: new
Priority: high | Milestone: 2.7.1
Component: Security | Version: 2.7
Severity: major | Keywords: has-patch, needs-testing, XSS
--------------------------+-------------------------------------------------
Attached patch introduces new and refactored functions for filtering
input. They mostly work as additional defence against invalid UTF8 XSS
attacks in IE6.
New wp_specialchars() is optimised for PHP 5.2.3+
--
Ticket URL: <http://trac.wordpress.org/ticket/8767>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list