id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
18056	dc:creator needs to be escaped in RSS feed	Nettsentrisk		"If the author name contains any special characters, they might end up in the RSS feed unescaped, causing failed feed validation and thus causing problems for many readers.

The code now is:

<dc:creator><?php the_author() ?></dc:creator>

Shouldn't this be:

<dc:creator><![CDATA[<?php the_author() ?>]]></dc:creator>

Or: 

<dc:creator><?php htmlspecialchars(the_author()) ?></dc:creator>

This might be a result of a custom author plugin not escaping these characters on the way into the database, but Wordpress should handle this more robustly to prevent plugin authors from messing things up like this."	defect (bug)	new	normal	Awaiting Review	Feeds	3.2	major		has-patch