From 01c719f87e474fe795312e0605dcb91c6fe9278e Mon Sep 17 00:00:00 2001
From: Jeremy Felt <jeremyfelt@git.wordpress.org>
Date: Mon, 6 Mar 2017 08:02:21 +0000
Subject: [PATCH] Validate video and audio metadata.

merge of [40148] to the 4.7 branch


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40149 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-admin/includes/media.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/wp-admin/includes/media.php b/src/wp-admin/includes/media.php
index ede25b3df7..d2f4854a2c 100644
--- a/src/wp-admin/includes/media.php
+++ b/src/wp-admin/includes/media.php
@@ -3072,6 +3072,8 @@ function wp_read_video_metadata( $file ) {
 
 	wp_add_id3_tag_data( $metadata, $data );
 
+	$metadata = wp_kses_post_deep( $metadata );
+
 	return $metadata;
 }
 
@@ -3117,6 +3119,8 @@ function wp_read_audio_metadata( $file ) {
 
 	wp_add_id3_tag_data( $metadata, $data );
 
+	$metadata = wp_kses_post_deep( $metadata );
+
 	return $metadata;
 }