id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc
22132,"Malicious script allowed in attachment Title, Caption and Description",dglingren,,"If you enter JavaScript in the Title, Alternate Text, Caption and/or Description fields of an attachment, the Edit Media and Media Library screens will properly escape and display it. However, the Gallery shortcode and the display page reached from the attachment's permalink do not escape these values and the script is executed.

For example, enter this in the Title field:

`Title""<script>alert('Title');</script>`

The double-quote terminates the text field and the script is executed.

",defect (bug),closed,normal,,Security,3.4.2,normal,invalid,,
