id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
17779	Add some casts in Custom_Image_Header	xknown	nacin	The step_3 method of the Custom_Image_Header class does not sanitize the input data. One can pass for example any value in {{{$_POST['attachment_id']}}} (even an URL), which can cause memory consumption problems in multisite environments.	defect (bug)	closed	normal	3.2	Themes		normal	fixed	has-patch