Xss in comment of default wordpress

  • Just put <script>code</script> in the comment section and it will lead you to
    xss in comment

    • This topic was modified 8 years, 5 months ago by a5bmt.
Viewing 1 replies (of 1 total)

  • administrators are allowed to post unrestricted html code.. ??

    Normal users cant.

    Its not a bug.

    You really believe that millions of users and developers would have missed something like this? ??

    • This reply was modified 8 years, 5 months ago by SGURYGF.
Viewing 1 replies (of 1 total)
  • The topic ‘Xss in comment of default wordpress’ is closed to new replies.