Ticket #5484 (closed defect: fixed)

Opened 5 months ago

Last modified 5 months ago

Escape POP3 error messages

Reported by: xknown Assigned to: anonymous
Priority: normal Milestone: 2.5
Component: Security Version: 2.3.1
Severity: normal Keywords:
Cc:

Description

All POP3 error messages in wp-mail.php should be properly escaped because it can be used to perform XSS attacks.

Attachments

wp-mail.diff (0.9 kB) - added by xknown on 12/18/07 19:47:24.

Change History

12/18/07 19:47:24 changed by xknown

  • attachment wp-mail.diff added.

12/18/07 20:06:37 changed by ryan

  • status changed from new to closed.
  • resolution set to fixed.

(In [6404]) Escape pop3 error messages. Props xknown. fixes #5484

12/24/07 08:13:36 changed by ryan

(In [6487]) Escape pop3 error messages. Props xknown. fixes #5484 for 2.3