WordPress.org

Make WordPress Core

Ticket #47482: 47482.diff

File 47482.diff, 342 bytes (added by abhijitrakas, 16 months ago)

Escape URL before use.

  • wp-includes/feed.php

     
    587587function atom_site_icon() {
    588588        $url = get_site_icon_url( 32 );
    589589        if ( $url ) {
     590                $url = esc_url( $url );
    590591                echo "<icon>$url</icon>\n";
    591592        }
    592593}