XSS vulnerability in WordPress

just a quick note to anyone that uses wordpress on their website, developers have found a XSS vulnerability that could allow people to redirect you from your blog admin.
Comment author URLs were not being fully sanitized before they were displayed. This bug has been fixed in version 2.8.2 so best to upgrade as soon as possible…

blog post on wordpress.org

Tags: , ,

This entry was posted by Gavin on Tuesday, July 21st, 2009 at 9:02 am and is filed under Tools of the Trade.
You can follow any responses to this entry through the RSS 2.0 feed.

Enough of me, let me know your thoughts below...