How to test
http://XXXXX/wp-content/themes/twentyfifteen/genericons/example.html#1<img/ src=1 onerror= alert(1)>
Fix
Just remove example.html.
Reference: JetPack and TwentyFifteen Vulnerable to DOM-based XSS
Update: WordPress 4.2.2 has been released and removes the file:
wp-content/themes/twentyfifteen/genericons/example.html (deleted)
wp-content/themes/twentythirteen/genericons/example.html (deleted)
wp-content/themes/twentyfourteen/genericons/example.html (deleted)
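As an added check that is not part of the original post: a Python script that looks for the three theme copies listed above in a WordPress directory, plus any other genericons/example.html under wp-content (plugins such as Jetpack also bundled Genericons), and applies the post's fix by deleting them. The demo tree it builds is constructed, and the plugin path in it is hypothetical.

```python
import tempfile
from pathlib import Path

# The three copies that WordPress 4.2.2 deleted, as listed in the post above.
KNOWN_PATHS = [
    "wp-content/themes/twentyfifteen/genericons/example.html",
    "wp-content/themes/twentythirteen/genericons/example.html",
    "wp-content/themes/twentyfourteen/genericons/example.html",
]


def find_genericons_example(wp_root):
    """Return paths (relative to wp_root) of every genericons/example.html still
    present: the three known theme copies plus any other copy under wp-content,
    e.g. one shipped by a plugin that bundles Genericons."""
    root = Path(wp_root)
    found = set()
    for rel in KNOWN_PATHS:
        if (root / rel).is_file():
            found.add(rel)
    content = root / "wp-content"
    if content.is_dir():
        for p in content.rglob("example.html"):
            if p.is_file() and p.parent.name == "genericons":
                found.add(p.relative_to(root).as_posix())
    return sorted(found)


def remove_genericons_example(wp_root):
    """Apply the fix from the post: delete each copy found. Returns what was removed."""
    removed = []
    for rel in find_genericons_example(wp_root):
        (Path(wp_root) / rel).unlink()
        removed.append(rel)
    return removed


def make_demo_install():
    """Build a constructed, throw-away WordPress-like tree (not a real install)
    holding the three theme copies and one hypothetical plugin copy."""
    root = Path(tempfile.mkdtemp(prefix="wp-demo-"))
    extra = "wp-content/plugins/hypothetical-plugin/genericons/example.html"
    for rel in KNOWN_PATHS + [extra]:
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text("<html><!-- constructed placeholder --></html>")
    return str(root)


if __name__ == "__main__":
    demo = make_demo_install()
    print("found:", find_genericons_example(demo))
    print("removed:", remove_genericons_example(demo))
    print("after:", find_genericons_example(demo))
```

Point find_genericons_example at a real site root to audit it; rerun after upgrading to 4.2.2 to confirm the list is empty.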