Make WordPress Core

Opened 15 years ago

Closed 15 years ago

Last modified 15 years ago

#11119 closed task (blessed) (fixed)

Press This Security Fix

Reported by: noel's profile noel Owned by: noel's profile noel
Milestone: 2.8.6 Priority: high
Severity: normal Version:
Component: Press This Keywords: press this, has-patch
Focuses: Cc:


Potential XSS for logged in users.

Patch attached.

Attachments (2)

press-this-xss-bug-11-10-2009.patch (736 bytes) - added by noel 15 years ago.
fixes potential xss issue
press-this.002.diff (1.8 KB) - added by markjaquith 15 years ago.

Download all attachments as: .zip

Change History (6)

15 years ago

fixes potential xss issue

#1 @markjaquith
15 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [12168]) Prevent XSS in press-this.php. props Benjamin Flesch. fixes #11119

#2 @markjaquith
15 years ago

(In [12169]) Some extra XSS protection. Redundant, but we should always escape late! see #11119

#3 @markjaquith
15 years ago

(In [12170]) Prevent XSS in press-this.php. props Benjamin Flesch. fixes #11119 for 2.8.x

#4 @ryan
15 years ago

  • Milestone changed from 2.9 to 2.8.6
Note: See TracTickets for help on using tickets.