[wp-trac] [WordPress Trac] #28610: Persistent XSS and CSRF on wordpress 3.9.1

WordPress Trac noreply at wordpress.org
Thu Nov 6 07:15:20 UTC 2014


#28610: Persistent XSS and CSRF on wordpress 3.9.1
---------------------------+---------------------
 Reporter:  avinash_thapa  |       Owner:  nacin
     Type:  defect (bug)   |      Status:  closed
 Priority:  normal         |   Milestone:
Component:  General        |     Version:  3.9.1
 Severity:  normal         |  Resolution:  fixed
 Keywords:                 |     Focuses:
---------------------------+---------------------
Changes (by nacin):

 * owner:   => nacin
 * resolution:  invalid => fixed


Comment:

 In [changeset:"30253"]:
 {{{
 #!CommitTicketReference repository="" revision="30253"
 Revert [28610] in order to avoid infinite redirect loops on reverse
 proxies which proxy from HTTPS to HTTP.

 Merges [30090] to the 4.0 branch.

 fixes #28610.
 }}}

--
Ticket URL: <https://core.trac.wordpress.org/ticket/28610#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list