[wp-trac] [WordPress Trac] #17401: Problems sanitizing image titles
WordPress Trac
wp-trac at lists.automattic.com
Thu May 12 17:45:25 UTC 2011
#17401: Problems sanitizing image titles
--------------------------+-----------------------------
 Reporter:  bi0xid        |       Owner:
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Media         |     Version:  3.2
 Severity:  normal        |    Keywords:  needs-patch
--------------------------+-----------------------------
Hello there.
If you upload an image in any article, you can put a title to it. If this
title has a `>`, it breaks the `img` tag and shows incorrectly (broken)
when publishing.
In the editor, when editing an article, all images are shown, even if they
are broken when published.
I have tried to exploit it, but `"` is sanitized to `&quot;`, so this is
not a serious problem.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/17401>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software