[wp-trac] [WordPress Trac] #14556: get_pagenum_link() vulnerable to XSS attacks
WordPress Trac
wp-trac at lists.automattic.com
Sat Aug 7 12:34:46 UTC 2010
#14556: get_pagenum_link() vulnerable to XSS attacks
--------------------------+-------------------------------------------------
Reporter: guigouz | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version: 3.0.1
Severity: normal | Keywords: reporter-feedback
--------------------------+-------------------------------------------------
Comment(by scribu):
Replying to [comment:5 guigouz]:
> If you're not using mod_rewrite, wouldn't esc_url() mess with navigation
?
Nope. esc_url() is for escaping any type of URL.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/14556#comment:7>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list