Bug#689031: CVE-2012-4448

2012-10-16 Thread Raphael Hertzog
Hi, On Tue, 16 Oct 2012, Henri Salo wrote: > How do you think we should proceed? We're going to wait for a patch? Hasn't this been fixed for the upcoming 3.5 release? If yes, we should be able to extract the patch from SVN (or directly update to 3.5 when it's available). Cheers, -- Raphaël Her

Bug#689031: CVE-2012-4448

2012-10-16 Thread Henri Salo
I got this information from WordPress team member: "We've internally classified this CSRF as not critical because of the limited impact; it cannot lead to XSS or anything that amounts to much more than comment spam." How do you think we should proceed? More references: https://bugs.gentoo.org/s