Merge pull request #1046 from virtualtam/security/login-xss
Fix XSS vulnerability
This commit is contained in:
commit
17dee65651
1 changed files with 1 additions and 1 deletions
|
@ -436,7 +436,7 @@ function ban_canLogin($conf)
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
ban_loginFailed($conf);
|
ban_loginFailed($conf);
|
||||||
$redir = '&username='. $_POST['login'];
|
$redir = '&username='. urlencode($_POST['login']);
|
||||||
if (isset($_GET['post'])) {
|
if (isset($_GET['post'])) {
|
||||||
$redir .= '&post=' . urlencode($_GET['post']);
|
$redir .= '&post=' . urlencode($_GET['post']);
|
||||||
foreach (array('description', 'source', 'title', 'tags') as $param) {
|
foreach (array('description', 'source', 'title', 'tags') as $param) {
|
||||||
|
|
Loading…
Reference in a new issue