[wp-trac] [WordPress Trac] #40472: Update PHPMailer to 5.2.25
WordPress Trac
noreply at wordpress.org
Fri Oct 6 16:22:16 UTC 2017
#40472: Update PHPMailer to 5.2.25
-------------------------------------+------------------------------
Reporter: MattyRob | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: External Libraries | Version: 4.8
Severity: normal | Resolution:
Keywords: has-patch needs-testing | Focuses:
-------------------------------------+------------------------------
Comment (by bgermann):
CVE-2017-11503 is not an issue for WordPress, because the example is not
included. BUT the potential XSS vulnerability may be an issue. The fix can
be seen at https://github.com/PHPMailer/PHPMailer/commit/d46ba2d186.
It does not need much time to integrate the existing (!) patch, but it
would take much time to ensure, WordPress is not affected by this. So why
not integrate the patch? Please!
--
Ticket URL: <https://core.trac.wordpress.org/ticket/40472#comment:9>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list