[wp-trac] [WordPress Trac] #40740: Script tag accepting in comment section so we can break the page using script tag.
WordPress Trac
noreply at wordpress.org
Fri May 12 05:23:56 UTC 2017
#40740: Script tag accepting in comment section so we can break the page using
script tag.
--------------------------+-----------------------------
Reporter: jitheshkk | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 4.7.4
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
Script tags are accepting in comment box here is the example i placed
below code in comment box and submitted then page goes to blank.Here is my
code
<!-- Code comment --!>
<script>
console.log('test');
document.body.innerHTML ='';
</script>
--
Ticket URL: <https://core.trac.wordpress.org/ticket/40740>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list