[wp-trac] [WordPress Trac] #40472: Update PHPMailer to 5.2.25
WordPress Trac
noreply at wordpress.org
Sat Oct 21 18:10:32 UTC 2017
#40472: Update PHPMailer to 5.2.25
-------------------------------------+------------------------------
Reporter: MattyRob | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: External Libraries | Version: 4.8
Severity: minor | Resolution:
Keywords: has-patch needs-testing | Focuses:
-------------------------------------+------------------------------
Changes (by aaroncampbell):
* severity: normal => minor
Comment:
I took a look through our code and it doesn't look like we use the
`phpmailerException::errorMessage()` helper function anywhere, which would
mean the reported potential XSS doesn't affect WordPress core.
I'm of the general opinion that keeping our libraries up to date is good,
it's just not security related in this case.
As a side note, if it ''was'' a valid security issue it should really be
reported to https://hackerone.com/wordpress and not discussed publicly
here on Trac.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/40472#comment:10>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list