[wp-trac] [WordPress Trac] #11128: QuickPress XSS fix
WordPress Trac
wp-trac at lists.automattic.com
Fri Nov 13 21:34:20 UTC 2009
#11128: QuickPress XSS fix
-------------------------+--------------------------------------------------
 Reporter:  Simek        |       Owner:  ryan
     Type:  enhancement  |      Status:  new
 Priority:  normal       |   Milestone:  2.9
Component:  Security     |     Version:  2.9
 Severity:  minor        |    Keywords:  has-patch tested
-------------------------+--------------------------------------------------
Comment(by ryan):
That's pulling a title from the DB that should already be sanitized. We
should go ahead and escape it anyway, but this doesn't seem to be very
dangerous.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11128#comment:1>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software