Make WordPress Core

Opened 13 years ago

Closed 13 years ago

Last modified 13 years ago

#13845 closed defect (bug) (fixed)

XSS/XHTML issue for edit-comments.php

Reported by: brettz95's profile brettz95 Owned by:
Milestone: 3.1 Priority: normal
Severity: normal Version:
Component: Security Keywords: reporter-feedback
Focuses: Cc:



When viewing edit-comments.php in the admin in application/xhtml+xml mode, I get a well-formedness error which also could indicate a possible XSS vulnerability since it is apparently user content prompting the insertion of invalid markup (in my case a spammer a < symbol inside <a href="...").

While I don't have a lot of time to research what the best way to do this would be, line 584 of /wp-includes/comment_template.php has the comment_text() function which is called by line 2075 of /wp-admin/includes/template.php (inside function _wp_comment_row ) which is called in line 402 (and 408) of wp-admin/edit-comments.php when producing <tbody id="the-comment-list">.

When I use htmlspecialchars inside the comment_text function, it fixes the problem (at least for this case).

function comment_text() {

echo apply_filters('comment_text', htmlspecialchars(get_comment_text()) ); Brett added htmlspecialchars


Would appreciate if someone might look into this, thanks...

Change History (3)

#1 @nacin
13 years ago

  • Keywords reporter-feedback added

I don't think your well-formed error is coming from an XSS issue. comment_text gets properly sanitized going in.

#2 @markjaquith
13 years ago

  • Resolution set to fixed
  • Status changed from new to closed

Should be fixed by [17192]

#3 @nacin
13 years ago

  • Milestone changed from Awaiting Review to 3.1
Note: See TracTickets for help on using tickets.