[wp-trac] [WordPress Trac] #53819: Atack XSS
WordPress Trac
noreply at wordpress.org
Wed Jul 28 23:28:48 UTC 2021
#53819: Atack XSS
-------------------------+-------------------------
Reporter: michal1994 | Owner: (none)
Type: enhancement | Status: closed
Priority: normal | Milestone:
Component: Security | Version:
Severity: normal | Resolution: invalid
Keywords: | Focuses: javascript
-------------------------+-------------------------
Changes (by peterwilsoncc):
* status: new => closed
* resolution: => invalid
* version: 5.8 =>
* component: General => Security
* milestone: Awaiting Review =>
Comment:
As noted during the submission process, in future when reporting suspected
security issues please do so to the
[https://hackerone.com/wordpress?type=team WordPress HackerOne program].
Fortunately this report is not a valid security issue as administrators
and editors are able to post any HTML by design. You can read more
information about this at https://make.wordpress.org/core/handbook/testing
/reporting-security-vulnerabilities/#why-are-some-users-allowed-to-post-
unfiltered-html
--
Ticket URL: <https://core.trac.wordpress.org/ticket/53819#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list