[wp-trac] Re: [WordPress Trac] #4344: Posting comments from external websites
WordPress Trac
wp-trac at lists.automattic.com
Sun May 27 15:06:35 GMT 2007
#4344: Posting comments from external websites
-----------------------+----------------------------------------------------
 Reporter:  PsychoGun  |       Owner:  anonymous
     Type:  defect     |      Status:  closed
 Priority:  high       |   Milestone:
Component:  Security   |     Version:
 Severity:  normal     |  Resolution:  invalid
 Keywords:             |
-----------------------+----------------------------------------------------
Changes (by westi):
* status: reopened => closed
* resolution: => invalid
Comment:
Replying to [comment:7 PsychoGun]:
> You are stupid.
>
> This report is not invalid and you should test my proof of concept
> before editing it. This vulnerability does work, and the only data that
> are really required are the "comment" and the "comment_post_ID".
> WordPress just does not care if the "_wp_unfiltered_html_comment" is not
> sent; it does post the comment.
> You should try my POC. I did it in all versions, and it works.
>
I have tested your POC.
The point is the comment may get posted _but_ the JavaScript is escaped
and made safe, so you are unable to inject JavaScript into the blog
comments.
WordPress protects against this type of comment injection as I have
described above.
--
Ticket URL: <http://trac.wordpress.org/ticket/4344#comment:11>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software