[wp-trac] [WordPress Trac] #27858: Bug HTML onmouseover and onmouseout
WordPress Trac
noreply at wordpress.org
Fri Aug 1 17:07:11 UTC 2014
#27858: Bug HTML onmouseover and onmouseout
--------------------------+-------------------------
Reporter: TTBoS | Owner:
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: 4.0
Component: TinyMCE | Version: 3.9
Severity: normal | Resolution:
Keywords: | Focuses: javascript
--------------------------+-------------------------
Comment (by azaozz):
> ...I added an onclick handler - I don't see it firing anywhere when I'm
> in the editor.
Generally all browsers disable links, forms and scripts in
contentEditable. However the `on*` attributes are not disabled. The above
patch prevents MCE from filtering only `onmouseover` and `onmouseout` for
images, perhaps test with: `<img src="x" onmouseover="alert('xss')">`
--
Ticket URL: <https://core.trac.wordpress.org/ticket/27858#comment:17>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
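Added example (not code from the ticket, the patch or TinyMCE): a small JavaScript filter in the spirit of the test azaozz suggests above. It scans start tags with a state machine rather than a regex, so a quoted attribute value containing `>` does not end the tag early, drops every `on*` attribute regardless of element or case, re-quotes values on output, and fails closed on an unterminated tag by emitting it as text. `stripEventHandlersExceptImgMouse` is this example's reading of the scope the comment describes (letting `onmouseover`/`onmouseout` through on `<img>`), not the patch itself; `listEventHandlers` shows the suggested payload surviving that variant. All function names are this example's own and the sample fragment is constructed. For real content prefer a DOM-based sanitizer; this parser does not special-case comments, CDATA or raw-text elements such as `<script>`.

```javascript
// Added example (not WordPress or TinyMCE code): drop on* event-handler
// attributes from an HTML fragment before it reaches a contentEditable editor.
// Browsers neutralise links, forms and <script> inside contentEditable but
// still honour on* attributes, so those are what a filter must remove.

const isWs = (c) => c === ' ' || c === '\t' || c === '\n' || c === '\r' || c === '\f';

// Parse the start tag whose '<' is at html[start]. Returns
// { end, name, attrs: [{name, value}], selfClosing } with html[end] === '>',
// or null when the tag (or a quoted value inside it) never terminates.
function parseStartTag(html, start) {
  const n = html.length;
  let i = start + 1;
  let name = '';
  while (i < n && !isWs(html[i]) && html[i] !== '>' && html[i] !== '/') name += html[i++];
  const attrs = [];
  let selfClosing = false;
  while (i < n && html[i] !== '>') {
    if (isWs(html[i]) || html[i] === '/') { if (html[i] === '/') selfClosing = true; i++; continue; }
    let aname = '';
    while (i < n && !isWs(html[i]) && html[i] !== '=' && html[i] !== '>' && html[i] !== '/') aname += html[i++];
    while (i < n && isWs(html[i])) i++;
    let value = null;                       // null = bare attribute, e.g. <input disabled>
    if (html[i] === '=') {
      i++;
      while (i < n && isWs(html[i])) i++;
      const q = html[i];
      if (q === '"' || q === "'") {
        const close = html.indexOf(q, i + 1);
        if (close === -1) return null;      // unterminated quoted value
        value = html.slice(i + 1, close);
        i = close + 1;
      } else {                              // unquoted value runs to whitespace or '>'
        value = '';
        while (i < n && !isWs(html[i]) && html[i] !== '>') value += html[i++];
      }
    }
    attrs.push({ name: aname, value });
  }
  if (i >= n) return null;                  // no closing '>'
  return { end: i, name, attrs, selfClosing };
}

// Re-serialise a tag with every value double-quoted and '"' escaped, so a value
// such as onerror=alert(1) or x"onerror=... cannot re-form an attribute on output.
function serializeTag(tag, attrs) {
  const parts = attrs.map((a) =>
    a.value === null ? a.name : a.name + '="' + a.value.replace(/"/g, '&quot;') + '"');
  return '<' + tag.name + (parts.length ? ' ' + parts.join(' ') : '') + (tag.selfClosing ? ' /' : '') + '>';
}

// Walk the fragment, rebuilding each start tag without the attributes that
// shouldDrop(tagName, attrName) rejects (both lower-cased). Text, end tags and
// comments pass through; an unterminated tag is emitted as text (fail closed).
function filterAttributes(html, shouldDrop) {
  let out = '';
  let i = 0;
  while (i < html.length) {
    const c = html[i];
    if (c === '<' && /[A-Za-z]/.test(html[i + 1] || '')) {
      const tag = parseStartTag(html, i);
      if (tag === null) { out += '&lt;'; i++; continue; }
      const kept = tag.attrs.filter((a) => !shouldDrop(tag.name.toLowerCase(), a.name.toLowerCase()));
      out += serializeTag(tag, kept);
      i = tag.end + 1;
    } else {
      out += c;
      i++;
    }
  }
  return out;
}

// Remove every on* handler on every element.
function stripEventHandlers(html) {
  return filterAttributes(html, (_tag, attr) => attr.startsWith('on'));
}

// Same, except onmouseover/onmouseout on <img> are let through: this example's
// reading of the scope described in the comment, not the actual patch.
function stripEventHandlersExceptImgMouse(html) {
  return filterAttributes(html, (tag, attr) =>
    attr.startsWith('on') && !(tag === 'img' && (attr === 'onmouseover' || attr === 'onmouseout')));
}

// Report any handler attribute present in the fragment, as "tag.attr".
function listEventHandlers(html) {
  const found = [];
  filterAttributes(html, (tag, attr) => { if (attr.startsWith('on')) found.push(tag + '.' + attr); return false; });
  return found;
}

// Constructed sample; the first <img> is the payload azaozz suggests testing with.
const SAMPLE = '<p>hi <img src="x" onmouseover="alert(\'xss\')"> '
  + '<img src=x ONERROR=alert(1) alt="a"> <a href="#" onclick="go()">l</a></p>';

if (typeof require !== 'undefined' && require.main === module) {
  console.log(stripEventHandlers(SAMPLE));
  console.log(listEventHandlers(stripEventHandlersExceptImgMouse(SAMPLE)));
}
```

Run with `node` to see the stripped fragment and the one handler (`img.onmouseover`) that the allow-listed variant lets through; `listEventHandlers` is the check to run on whatever the editor's own filter emits.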