#13845 closed defect (bug) (fixed)
XSS/XHTML issue for edit-comments.php
| Reported by: | | Owned by: | |
|---|---|---|---|
| Milestone: | 3.1 | Priority: | normal |
| Severity: | normal | Version: | |
| Component: | Security | Keywords: | reporter-feedback |
| Focuses: | | Cc: | |
Description
Hi,
When viewing edit-comments.php in the admin in application/xhtml+xml mode, I get a well-formedness error, which also could indicate a possible XSS vulnerability since it is apparently user content prompting the insertion of invalid markup (in my case a spammer put a < symbol inside <a href="...").
While I don't have a lot of time to research what the best way to do this would be, line 584 of /wp-includes/comment_template.php has the comment_text() function, which is called by line 2075 of /wp-admin/includes/template.php (inside function _wp_comment_row), which is called in line 402 (and 408) of wp-admin/edit-comments.php when producing <tbody id="the-comment-list">.
When I use htmlspecialchars inside the comment_text function, it fixes the problem (at least for this case).
```php
function comment_text() {
    echo apply_filters('comment_text', htmlspecialchars(get_comment_text()) ); // Brett added htmlspecialchars
}
```
Would appreciate if someone might look into this, thanks...
I don't think your well-formed error is coming from an XSS issue. comment_text gets properly sanitized going in.
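An added illustration of the two points above (the reporter's well-formedness error and the reply that comment text is sanitized on the way in); this is example code, not WordPress's or either poster's. It checks a fragment for XHTML well-formedness with libxml, shows that the proposed wholesale htmlspecialchars() at output would also turn the <a> links comments are allowed to contain into literal text, and uses a small hypothetical allow-list filter (allowlist_links, standing in for the role wp_kses plays in WordPress) that keeps permitted links while escaping a stray < in an attribute. The sample comments are constructed.

```php
<?php
// True if the fragment parses as XML once wrapped in a root element.
function is_well_formed_fragment(string $fragment): bool {
    $prev = libxml_use_internal_errors(true);
    $dom = new DOMDocument();
    $ok = $dom->loadXML('<div>' . $fragment . '</div>');
    libxml_clear_errors();
    libxml_use_internal_errors($prev);
    return $ok !== false;
}

// Hypothetical allow-list filter (not wp_kses): keep <a href="http(s)://..."> and
// </a>, escape everything else as text. An href containing ", < or > never matches
// the pattern, so it is escaped as text instead of being emitted as a tag.
function allowlist_links(string $text): string {
    $pattern = '#<a\s+href="(https?://[^"<>\s]*)"\s*>|</a>#i';
    $out  = '';
    $pos  = 0;
    $open = 0;
    preg_match_all($pattern, $text, $matches, PREG_SET_ORDER | PREG_OFFSET_CAPTURE);
    foreach ($matches as $m) {
        $start = $m[0][1];
        // Text between tags is always escaped.
        $out .= htmlspecialchars(substr($text, $pos, $start - $pos), ENT_QUOTES);
        if (isset($m[1]) && $m[1][1] >= 0) {        // opening tag with a clean href
            $out .= '<a href="' . htmlspecialchars($m[1][0], ENT_QUOTES) . '">';
            $open++;
        } elseif ($open > 0) {                       // closing tag, only if one is open
            $out .= '</a>';
            $open--;
        }                                            // a stray </a> is dropped
        $pos = $start + strlen($m[0][0]);
    }
    $out .= htmlspecialchars(substr($text, $pos), ENT_QUOTES);
    return $out . str_repeat('</a>', $open);         // close anything left open
}

// Constructed samples: a spam comment like the reporter's, and a legitimate one.
$spam = 'see <a href="http://example.invalid/<x">here</a> <script>alert(1)</script>';
$good = 'see <a href="http://example.invalid/page">this post</a>';

var_dump(is_well_formed_fragment($spam));                   // raw "<" inside the href
var_dump(is_well_formed_fragment(allowlist_links($spam)));  // everything escaped as text
echo htmlspecialchars($good, ENT_QUOTES), "\n";             // the link becomes literal text
echo allowlist_links($good), "\n";                          // the link survives, well-formed
```

The takeaway is the replier's: the place to enforce this is the allow-list applied when the comment is stored, not a blanket htmlspecialchars() in comment_text(), which would double-escape already-filtered markup.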