[wpmu-trac] [WordPress MU Trac] #249: iframes allowed but not
whitelisted
WordPress MU Trac
wpmu-trac at lists.automattic.com
Sat Feb 3 23:44:28 GMT 2007
#249: iframes allowed but not whitelisted
------------------------+---------------------------------------------------
Reporter: drmike | Owner: somebody
Type: defect | Status: new
Priority: high | Milestone: WPMU 1.0
Component: component1 | Version: 1.0
Severity: major | Keywords:
------------------------+---------------------------------------------------
Greets:
I note that iframes are allowed within the kses.php file with a not
stating that Andy will be whitelisting them.
Do note that this whitelist is not found within the code. At least not
for the domains it's being used for.
I'm marking this as a high severity as I feel it's a security issue.
Thanks Donncha
Regards,
-drmike
--
Ticket URL: <http://trac.mu.wordpress.org/ticket/249>
WordPress MU Trac <http://mu.wordpress.org/>
WordPress Multiuser
More information about the wpmu-trac
mailing list