[wp-testers] WP 2.1.2 Bogus Self-XSS-Injection destroys Article / Page

Robin Adrianse robin.adr at gmail.com
Tue Mar 20 18:01:54 GMT 2007


That's weird. It should treat the comments as just code.

On 3/20/07, Mark Styles <wp-testers at lambic.co.uk> wrote:
>
> On Tue, Mar 20, 2007 at 09:44:13AM -0700, Robin Adrianse wrote:
> > On 3/20/07, Tom Klingenberg <tklingenberg at lastflood.net> wrote:
> > >The following Text in Code Pane within the Editor has been changed from
> > >
> > ><a href="http://example.com/?page_id=4">Linktext</a>
> > >to
> > ><!-- a href="http://example.com/?page_id=4">Linktext</a -->
> > >
> > >and was then saved. Afterwards the whole Admin page is part of your
> > >editing process...
> >
> >
> > I'm planning to attempt to see what you mean when I get around to it, but
> > what do you mean...?
> >
> > Maybe this problem is part of the current 2.1.3 RC as well, please check.
>
> I tried it, and I do get something weird. Here's what I did:
>
> Go to write page, switch to Code
> enter <a href="http://example.com/?page_id=4">Linktext</a>
> save the post
> edit the draft, switch to Code
> change the above to <!-- a href="http://example.com/?page_id=4">Linktext</a -->
> save the post
> edit the draft, switch to Code
> now the post has changed to <!-- a href="http://example.com/?page_id=4"-->Linktext
>
> And the post preview shows a messed up page with:
>
> ' ); function drawHTML(s) { document.write(s); } // -->
>
> at the end.
>
> hope that's helpful...
>
> --
> Mark
> http://www.lambic.co.uk
>

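The fragment Mark saw at the end of the preview, `' ); function drawHTML(s) { document.write(s); } // -->`, is the tail of a comment-wrapped inline script with the post body spliced into a single-quoted JavaScript string. A raw body can carry three kinds of trouble for that construction: a quote ends the string literal, `</` can end the script element, and `<!--`/`-->` collide with the comment wrapper around the script. The JavaScript below is an added example written for this thread, not WordPress or TinyMCE code: the `naiveEditorScript`/`safeEditorScript` wrappers and the `drawHTML` shape are reconstructed from that leaked fragment and are assumptions, and `SAMPLE_POST` is the rewritten link from Tom's report. It lists the breakout sequences present in the raw body, encodes the body for a JS string literal so that none survive, and checks that the encoded literal still decodes to the original body.

```javascript
// Added example for this thread, not WordPress or TinyMCE code. The wrapper
// shape (drawHTML inside an HTML-comment-wrapped <script>) is reconstructed
// from the fragment that leaked into the preview and is an assumption.

// The link after the editor rewrote it, as posted in the thread.
const SAMPLE_POST = '<!-- a href="http://example.com/?page_id=4">Linktext</a -->';

// Sequences that must never appear raw inside a single-quoted JS string that
// sits in an inline <script><!-- ... // --></script> block.
const BREAKOUT = ["</", "<!--", "-->", "'", "\n", "\r"];

// Report which breakout sequences a body contains (empty array = none).
function breakoutSequences(body) {
  return BREAKOUT.filter((seq) => body.includes(seq));
}

// Naive wrapper: the body is spliced into the literal untouched.
function naiveEditorScript(body) {
  return (
    '<script type="text/javascript"><!--\n' +
    "drawHTML('" + body + "');\n" +
    "function drawHTML(s) { document.write(s); }\n" +
    "// --></script>"
  );
}

// Encode arbitrary text for a single-quoted JS string literal. Backslash goes
// first so later escapes are not double-escaped; '<' and '>' become \x3c/\x3e,
// which removes "</", "<!--" and "-->" from the literal in one stroke; the
// line terminators cover the cases where a raw newline would end the literal.
function jsStringEncode(body) {
  return body
    .replace(/\\/g, "\\\\")
    .replace(/'/g, "\\'")
    .replace(/\r/g, "\\r")
    .replace(/\n/g, "\\n")
    .replace(/\u2028/g, "\\u2028")
    .replace(/\u2029/g, "\\u2029")
    .replace(/</g, "\\x3c")
    .replace(/>/g, "\\x3e");
}

// Hardened wrapper: same markup as the naive one, but with the encoded body.
function safeEditorScript(body) {
  return naiveEditorScript(jsStringEncode(body));
}

// Evaluate the literal the way the browser's JS engine would, to prove the
// encoding round-trips to the original body.
function decodeLiteral(encoded) {
  return new Function("return '" + encoded + "';")();
}

// True when a "-->" appears before the wrapper's own closing "// -->",
// i.e. the comment wrapper is cut short by the body.
function commentClosesEarly(markup) {
  return markup.indexOf("-->") !== markup.lastIndexOf("-->");
}

// Collect the observations for the sample post in one place.
function demo() {
  return {
    rawBreakouts: breakoutSequences(SAMPLE_POST),
    encodedBreakouts: breakoutSequences(jsStringEncode(SAMPLE_POST)),
    naiveClosesEarly: commentClosesEarly(naiveEditorScript(SAMPLE_POST)),
    safeClosesEarly: commentClosesEarly(safeEditorScript(SAMPLE_POST)),
    roundTrip: decodeLiteral(jsStringEncode(SAMPLE_POST)) === SAMPLE_POST,
  };
}

if (typeof require !== "undefined" && require.main === module) {
  console.log(demo());
}
```

Encoding `<` and `>` as `\x3c`/`\x3e` is deliberately broader than escaping only `</` and `-->`: the JS engine decodes them back before `drawHTML` writes the markup, so the rendered post is unchanged, while the HTML parser that tokenises the surrounding `<script>` never sees a tag or comment delimiter inside the literal.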