#19014 closed defect (bug) (invalid)
Titles containing JavaScript execute the JavaScript - XSS risk
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | major | Version: | 3.2.1 |
Component: | General | Keywords: | |
Focuses: | Cc: |
Description
I created a post with this title:
<script lang="javascript">alert('hacked');</script>
When the article rendered, the alert box rendered too. This means WordPress is vulnerable to JavaScript-based attacks such as cross-site scripting (XSS).
Change History (4)
#2
@
14 years ago
Working example:
Direct link to post:
http://rianjs.net/2011/10/alertfoo
Homepage with the post on it:
http://rianjs.net
Both trigger the JS.
Note: See
TracTickets for help on using
tickets.
Here's another great title:
<script language="javascript">document.location='http://www.you-are-hacked.com';</script>
which directs the browser to a malicious site.