[wp-trac] [WordPress Trac] #32869: XSS Problem on Wordpress 4
WordPress Trac
noreply at wordpress.org
Fri Jul 3 04:49:26 UTC 2015
#32869: XSS Problem on Wordpress 4
--------------------------+-----------------------------
Reporter: MohsineBen | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 4.0
Severity: normal | Keywords:
Focuses: javascript |
--------------------------+-----------------------------
Hi, i think Wordpress 4 is suffring from Cross Site Scripting problem , i
tested it on 2 websites :
1-http://www.argent-
dz.com/?s=%22-%3E%3Cscript%3Eprompt%28112233445566%29%3C%2Fscript%3E%22
2-http://axcit.com/?s=%22-%3E%3Cscript%3Eprompt(112233)%3C%2Fscript%3E%22
it will take maybe 4 or 3 secends so that the error message appears
(alert windows)
aand this is the result:
http://prntscr.com/7o81or
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32869>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list