[wp-trac] [WordPress Trac] #22132: Malicious script allowed in attachment Title, Caption and Description
WordPress Trac
wp-trac at lists.automattic.com
Mon Oct 8 18:59:14 UTC 2012
#22132: Malicious script allowed in attachment Title, Caption and Description
-----------------------------+--------------------------
Reporter: dglingren | Type: defect (bug)
Status: new | Priority: normal
Milestone: Awaiting Review | Component: Media
Version: 3.4.2 | Severity: normal
Keywords: |
-----------------------------+--------------------------
If you enter JavaScript in the Title, Alternate Text, Caption and/or
Description fields of an attachment the Edit Media and Media Library
screens will properly escape and display it. However, the Gallery
shortcode and the display page reached from the attachment's permalink do
not escape these values and the script is executed.
For example, enter this in the Title field:
`Title"<script>alert('Title');</script>`
The double-quote terminates the text field and the script is executed.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/22132>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
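The report above is about output context: the same attachment title is safe on the Edit Media screen because it is escaped there, and unsafe in the gallery and attachment templates because it is printed raw. The following is an added example, not code from the ticket or from WordPress core, that renders the ticket's sample Title value both ways and shows the fix using WordPress's real `esc_attr()` and `esc_html()` functions. Because those functions only exist inside WordPress, the block defines minimal stand-ins when they are absent (an assumption: they approximate core behaviour with `htmlspecialchars`), so the file runs with plain `php`. The `render_gallery_item_*` and `contains_live_script` functions and the image URL are hypothetical, constructed for this demonstration.

```php
<?php
// Added example (not from the ticket or WordPress core). Stand-ins so the file runs
// outside WordPress; in core, esc_attr()/esc_html() are the real functions to use.
if (!function_exists('esc_attr')) {
    function esc_attr($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    }
}
if (!function_exists('esc_html')) {
    function esc_html($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    }
}

// Constructed sample: the exact Title value quoted in the report.
$title = 'Title"<script>alert(\'Title\');</script>';
// Constructed, hypothetical attachment URL (not a real upload).
$url = 'https://example.invalid/wp-content/uploads/2012/10/photo.jpg';

// The pattern the report describes: the title is concatenated into an attribute
// and into element text with no escaping, so the double quote closes the
// attribute and the <script> tag becomes live markup.
function render_gallery_item_unescaped($title, $url) {
    return '<a href="' . $url . '" title="' . $title . '">' . $title . '</a>';
}

// Hardened rendering: attribute context uses esc_attr(), text context uses
// esc_html(). The href is a constructed constant here; user-supplied URLs in
// core would go through esc_url() instead.
function render_gallery_item_escaped($title, $url) {
    return '<a href="' . esc_attr($url) . '" title="' . esc_attr($title) . '">'
         . esc_html($title) . '</a>';
}

// A quick check for rendered output: a literal <script tag surviving into the
// HTML means the value reached the page without context-appropriate escaping.
function contains_live_script($rendered) {
    return stripos($rendered, '<script') !== false;
}

echo "Unescaped: ", render_gallery_item_unescaped($title, $url), "\n";
echo "Escaped:   ", render_gallery_item_escaped($title, $url), "\n";
echo "Live script in unescaped output: ",
     var_export(contains_live_script(render_gallery_item_unescaped($title, $url)), true), "\n";
echo "Live script in escaped output:   ",
     var_export(contains_live_script(render_gallery_item_escaped($title, $url)), true), "\n";
```

The escaped output turns the stored value into `Title&quot;&lt;script&gt;...` in both the attribute and the link text, so the browser displays the text instead of running it. The practical point for reviewing a template is that the escaping function must match the context where the value lands: `esc_attr()` inside attributes, `esc_html()` in element text, and `esc_url()` for URLs.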