[wp-trac] [WordPress Trac] #31233: HTTP Header CRLF Injection (HTTP Response Splitting) wp-login.php
WordPress Trac
noreply at wordpress.org
Wed Feb 4 18:03:39 UTC 2015
#31233: HTTP Header CRLF Injection (HTTP Response Splitting) wp-login.php
------------------------------------+--------------------
Reporter: roadrashtx | Owner:
Type: defect (bug) | Status: new
Priority: high | Milestone: 4.1.1
Component: Login and Registration | Version: 4.1
Severity: normal | Resolution:
Keywords: | Focuses:
------------------------------------+--------------------
Changes (by johnbillion):
* priority: normal => high
* milestone: Awaiting Review => 4.1.1
Comment:
When you opened this ticket, did you miss the two large messages stating
that security issues should not be reported here? The messages are really
hard to miss.
[[Image(https://i.imgur.com/iN0rW6z.png)]]
[[Image(https://i.imgur.com/7lRbNxt.png)]]
The WordPress security team are now looking into this issue. If you have
any additional information to add, please contact the email address above.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/31233#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list