Opened 4 years ago

Closed 4 years ago

#4788 closed defect (bug) (fixed)

Various unescaped inputs/outputs

Reported by: jonoaldersonwp's profile jonoaldersonwp Owned by:
Milestone: Priority: normal
Component: General Keywords:


It looks like we have a bunch of areas where HTML inputs aren't escaped, resulting in potential XSS and display issues.

Comments on Make posts

Review/forum/support content

Change History (3)

This ticket was mentioned in Slack in #meta by jonoaldersonwp. View the logs.

4 years ago

#2 @Otto42
4 years ago

  • Priority changed from highest omg bbq to normal

The support forums have a known issue with list items being able to "break" the layout. We allow lists, but don't always properly check for UL or OL surrounding them, basically. It's a relatively minor flaw that the forum moderators know how to fix when they find it.

#3 @ocean90
4 years ago

  • Keywords seo security removed
  • Resolution set to fixed
  • Status changed from new to closed

Both formatting errors have been corrected.

Please keep in mind, it obviously also applies to

Note: See TracTickets for help on using tickets.