#1525 closed defect (bug) (invalid)
bbP Plugin: Any Javascript posted to the forum is executed.
Reported by: | tooltrainer | Owned by: | |
---|---|---|---|
Milestone: | 2.0 | Priority: | omg sweet tea |
Severity: | blocker | Version: | 1.0-alpha-2 |
Component: | Component - Replies | Keywords: | javascript |
Cc: | | | |
Description
I can post this in any topic description or reply and it will be executed when the page is loaded:
```html
<script type='text/javascript'>
location.href='http://google.com';
</script>
```
Really scary: it means users can hijack the site or do many other bad, bad things.
Not a bug. You have the unfiltered_html capability because you are a site admin. In the future please refrain from posting any possible security vulnerabilities publicly, and instead reference the Security FAQ over at WordPress.org:
http://codex.wordpress.org/Security_FAQ
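The capability gate the closing comment refers to, as an added illustration that is not bbPress or WordPress code: content from authors who hold `unfiltered_html` is saved as-is, everyone else is run through `wp_kses_post()`, and a second filter shows how to deny the capability outright for sites that want it. The `bbp_*_pre_content` hook names are assumed bbPress 2.x filter names; `current_user_can`, `wp_kses_post`, `map_meta_cap` and `DISALLOW_UNFILTERED_HTML` are WordPress core.

```php
<?php
// Added example, not bbPress/WordPress code. Shows the behaviour the ticket
// closer describes: users with 'unfiltered_html' (site admins by default) may
// post raw HTML, every other author has their content run through KSES.
// The bbp_*_pre_content hook names below are assumptions about bbPress 2.x.

/**
 * Filter topic/reply content before it is saved. wp_kses_post() removes
 * <script> elements and on* event-handler attributes, so a non-privileged
 * author cannot store the payload from the ticket description.
 */
function example_gate_forum_html( $content ) {
    if ( current_user_can( 'unfiltered_html' ) ) {
        return $content; // by design: trusted authors keep raw HTML
    }
    return wp_kses_post( $content );
}
add_filter( 'bbp_new_reply_pre_content',  'example_gate_forum_html', 30 );
add_filter( 'bbp_edit_reply_pre_content', 'example_gate_forum_html', 30 );
add_filter( 'bbp_new_topic_pre_content',  'example_gate_forum_html', 30 );
add_filter( 'bbp_edit_topic_pre_content', 'example_gate_forum_html', 30 );

/**
 * Optional hardening: deny 'unfiltered_html' to every role, administrators
 * included, so forum posts are always filtered. Equivalent to setting
 * define( 'DISALLOW_UNFILTERED_HTML', true ); in wp-config.php, which core
 * checks inside map_meta_cap().
 */
function example_deny_unfiltered_html( $caps, $cap ) {
    if ( 'unfiltered_html' === $cap ) {
        $caps = array( 'do_not_allow' );
    }
    return $caps;
}
add_filter( 'map_meta_cap', 'example_deny_unfiltered_html', 10, 2 );
```

With the second filter active, a logged-in administrator pasting the `<script>` block from the description would see it stripped on save, which is the simplest way to confirm the gate is working on a test site.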