[wp-trac] [WordPress Trac] #9279: An apostophe in the URL takes you
to the latest draft post
WordPress Trac
wp-trac at lists.automattic.com
Thu Mar 5 05:15:54 GMT 2009
#9279: An apostophe in the URL takes you to the latest draft post
--------------------------+-------------------------------------------------
Reporter: geniosity | Owner: ryan
Type: defect (bug) | Status: new
Priority: low | Milestone: Unassigned
Component: Permalinks | Version:
Severity: minor | Keywords:
--------------------------+-------------------------------------------------
I just stumbled across something after somebody tried an XSS exploit on my
site. The URL that ended up being left in my logs was a post URL with an
apostrophe ' at the end.
For example:
http://www.example.com/cat1/my-post/'
When I clicked it, I was taken to the latest draft post I had. It looks
like it only does this if you're logged into the site (not sure if
privileges make a difference).
Is this a "known feature"?
--
Ticket URL: <http://core.trac.wordpress.org/ticket/9279>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list