[wp-trac] [WordPress Trac] #17400: Disable JavaScript in Comments
WordPress Trac
wp-trac at lists.automattic.com
Thu May 12 16:16:35 UTC 2011
#17400: Disable JavaScript in Comments
--------------------------+------------------------------
Reporter: Kuzmanov | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Comments | Version: 3.2
Severity: normal | Resolution:
Keywords: |
--------------------------+------------------------------
Comment (by Kuzmanov):
Only when I'm logged in as an admin. As I see no one can put <script> in
comments in WordPress 3.1.2, that's why I'm reporting this. It's not
'very' safe when someone can use <script> in the comments, even it's an
admin user.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/17400#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list