[wp-trac] [WordPress Trac] #11777: ms-edit.php / addblog action improperly sanitizes domains

WordPress Trac wp-trac at lists.automattic.com
Wed Jan 6 19:05:30 UTC 2010


#11777: ms-edit.php / addblog action improperly sanitizes domains
-------------------------------+--------------------------------------------
 Reporter:  Denis-de-Bernardy  |       Owner:  ryan
     Type:  defect (bug)       |      Status:  new 
 Priority:  normal             |   Milestone:  3.0 
Component:  Security           |     Version:  3.0 
 Severity:  normal             |    Keywords:      
-------------------------------+--------------------------------------------
 it uses sanitize_user in non-strict mode with a twist:

 {{{
 $domain = sanitize_user( str_replace( '/', '', $blog[ 'domain' ] ) );
 }}}

 as I read sanitize_user, this can allow for subdomains with improper
 characters in them.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/11777>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
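As an added example that is not part of the ticket or of WordPress core: a hostname validator that checks each label of a multisite blog domain against RFC 1123 rules, rejecting the characters a username filter leaves through. The function name, the rules applied and the sample domains are assumptions constructed for this illustration.

```php
<?php
// Added example (not WordPress code): validate a multisite blog domain
// against hostname rules instead of relying on sanitize_user().
// Assumptions: the 'domain' value is the string the addblog action
// receives; the rules follow RFC 1123 hostname labels (letters, digits,
// hyphens; no leading or trailing hyphen; 1-63 chars per label; 253 total).

/**
 * Return the lower-cased domain if every label is a valid hostname label,
 * or false if any character or length rule is violated.
 */
function validate_blog_domain( $domain ) {
    $domain = strtolower( rtrim( $domain, '.' ) ); // tolerate a trailing dot
    if ( $domain === '' || strlen( $domain ) > 253 ) {
        return false;
    }
    foreach ( explode( '.', $domain ) as $label ) {
        // Only [a-z0-9-], 1-63 chars, not starting or ending with '-'
        if ( ! preg_match( '/^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/', $label ) ) {
            return false;
        }
    }
    return $domain;
}

// Constructed inputs: the first is a normal subdomain; the others carry
// characters that a non-strict username filter does not remove but that
// are not legal in a hostname.
$samples = array(
    'blog1.example.org',
    'blog one.example.org',   // space
    'blog_1.example.org',     // underscore
    'blog@1.example.org',     // at sign
    '-blog.example.org',      // leading hyphen
    'blog..example.org',      // empty label
);

foreach ( $samples as $input ) {
    $result = validate_blog_domain( $input );
    printf( "%-24s => %s\n", $input, $result === false ? 'rejected' : $result );
}
```

Only the first sample is accepted; a check like this belongs before the domain is written to the blogs table, independent of whatever sanitize_user() happens to strip.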