Knah-Tsaeb/MyShaarli
Knah-Tsaeb/MyShaarli
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #1046 from virtualtam/security/login-xss

Browse source 
Fix XSS vulnerability
This commit is contained in:
VirtualTam 2018-01-04 18:04:34 +01:00 committed by GitHub
commit 17dee65651
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
index.php
View file

@ -436,7 +436,7 @@ function ban_canLogin($conf)
else
{
ban_loginFailed($conf);
$redir = '&username='. $_POST['login'];
$redir = '&username='. urlencode($_POST['login']);
if (isset($_GET['post'])) {
$redir .= '&post=' . urlencode($_GET['post']);
foreach (array('description', 'source', 'title', 'tags') as $param) {