[wp-trac] [WordPress Trac] #47910: Stored Xss
WordPress Trac
noreply at wordpress.org
Wed Aug 21 09:34:56 UTC 2019
#47910: Stored Xss
-----------------------------+----------------------
Reporter: wildfighter0481 | Owner: (none)
Type: enhancement | Status: closed
Priority: normal | Milestone:
Component: General | Version: 5.2.2
Severity: normal | Resolution: invalid
Keywords: | Focuses:
-----------------------------+----------------------
Changes (by audrasjb):
* keywords: new =>
* status: new => closed
* resolution: => invalid
* milestone: Awaiting Review =>
Comment:
Hi and welcome on WordPress Trac,
Security related tickets [https://make.wordpress.org/core/handbook
/reporting-security-vulnerabilities/ should not be reported on Trac but on
HackerOne]. You probably missed it but there was an information message
about that in the "new trac ticket" screen.
Worth noting this is not a real security issue since administrators or
editors are able to [https://make.wordpress.org/core/handbook/testing
/reporting-security-vulnerabilities/#why-are-some-users-allowed-to-post-
unfiltered-html post arbitrary JavaScript].
--
Ticket URL: <https://core.trac.wordpress.org/ticket/47910#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list