#1871 closed defect (bug) (invalid)
Redacted
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Priority: | high | Milestone: | |
| Component: | Security | Version: | 1.5.2 |
| Severity: | normal | Keywords: | |
| Cc: |
Description (last modified by markjaquith)
Redacted
Change History (4)
comment:1
davidhouse — 8 years ago
comment:2
markjaquith — 8 years ago
Seems to me that it would be better to have the urlencode() protection within the wp_redirect() function itself...
comment:3
markjaquith — 8 years ago
- Description modified (diff)
- Reporter ManiacSoftwareManiacsOrg deleted
- Resolution set to invalid
- Status changed from new to closed
- Summary changed from XSS vulnerability through redirects to Redacted
comment:4
markjaquith — 8 years ago
Let's not give the bad guys a head start. Information has been saved and forwarded to security@…
Note: See
TracTickets for help on using
tickets.
Standard policy is to email security threats to security@…, so that the problem can be tested and acted on as quickly as possible, with the minimum number of people possible getting access to the threat.