[wp-trac] [WordPress Trac] #41090: XSS via title and body in three defalut theme
WordPress Trac
noreply at wordpress.org
Sat Jun 17 21:54:16 UTC 2017
#41090: XSS via title and body in three defalut theme
--------------------------+------------------------------
Reporter: rudr4sarkar | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Themes | Version: 4.8
Severity: normal | Resolution:
Keywords: | Focuses: template
--------------------------+------------------------------
Comment (by voldemortensen):
First of all, this is not the proper place to report security issues.
There was a big, giant warning you had click through to post this.
https://hackerone.com/wordpress is the proper place.
Second, it's likely that this is just the fact you created the post as a
user that has the `unfiltered_html` capability. Please verify this is not
do to unfiltered_html and then report it in the proper place. I will be
deleting this ticket shortly.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/41090#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list