[wp-trac] [WordPress Trac] #23480: Do Not Allow Negative IDs in wp_set_auth_cookie()
WordPress Trac
noreply at wordpress.org
Fri Feb 15 16:10:56 UTC 2013
#23480: Do Not Allow Negative IDs in wp_set_auth_cookie()
--------------------------+--------------------
Reporter: mordauk | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 3.6
Component: Users | Version: 3.5.1
Severity: major | Resolution:
Keywords: has-patch |
--------------------------+--------------------
Comment (by mordauk):
Thanks Nacin.
Any chance of getting
http://core.trac.wordpress.org/attachment/ticket/23480/23480.diff in
before 3.6?
I debated whether to report this to security at wordpress.org or here and
opted for here because it's not so much a security flaw as it is a flaw
that could result in security flaws unknowingly in plugins (as happened to
me).
--
Ticket URL: <http://core.trac.wordpress.org/ticket/23480#comment:3>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list