Changes between Initial Version and Version 13 of Ticket #57336
- Timestamp:
- 10/13/2023 09:39:32 PM (12 months ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #57336
- Property Focuses multisite added; privacy removed
-
Property
Component
changed from
Login and Registration
toNetworks and Sites
-
Property
Summary
changed from
Sanitize url and title missing
toEscape missing URLs and HTML element content in wp-activate.php
- Property Owner changed from rafiq91 to rajinsharwar
-
Property
Milestone
changed from
Awaiting Review
to6.4
- Property Keywords has-testing-info added
-
Ticket #57336 – Description
initial v13 1 1. The login title in wp-login.php is not sanitized properly https://prnt.sc/MJLEeeUWf7BE 2 2. Network site URL is also not properly sanitized https://prnt.sc/6rFVD0ClxbO- 1 In the wp-activate.php file, 2 3 1. We have some unescaped instances of the "network_site_url()" function. 4 2. We have some unescaped URLs being used. 5 3. We have some unescaped HTML element content. 6 7 This ticket escapes the missing unescaped instances.