Post/Page titles aren't fully escaped
|Reported by:||Viper007Bond||Owned by:|
- Write a post called "I <3 WordPress". Note you cannot use "<" as HTML is currently allowed in post titles (<del> for example is a valid usage).
- Save or Publish the post. You'll notice the title of the post is now "I <3 WordPress". This is incorrect and will break things if you save again.
Attached patch fully escapes all post titles.
Change History (6)
Note: See TracTickets for help on using tickets.