There's a major leak in WP, making it possible to hack all WP 2.0.x blogs.
http://www.securityfocus.com/archive/1/425043/30/0/threaded
Until the team fixes it, you can only close ALL comments.
Short version: that advisory is bogus. Commenter URLs are stripped of all quotes and other invalid characters before storage and display.
Long version: the scripting code the author demonstrates only works when the following are true:
1. The visitor commented on the site in question with that code in his URL, or had cookies planted in his browser to mimic the effect of leaving a comment with that code in the URL.
2. The visitor is not logged in to the site in question (logged-in visitors do not see the URL input box) and therefore does not have his credentials in his browser's cookies, so they cannot be stolen by any script in the comment form.
Here's a patch that eliminates any further annoyances caused by this effect: