- web: fix XSS vulnerability

svn path=/trunk/boinc/; revision=22470
David Anderson 2010-10-07 17:11:15 +00:00
parent dce95aa1d0
commit f3a382154b
2 changed files with 7 additions and 1 deletions


@ -7163,3 +7163,9 @@ David 7 Oct 2010
client/
log_flags.cpp,h
cs_scheduler.cpp
David 7 Oct 2010
- web: fix XSS vulnerability
html/inc/
pm.inc


@ -66,7 +66,7 @@ function pm_form($error = null) {
$writeto = $userid." (".$user->name.")";
}
} else {
$writeto = post_str("to", true);
$writeto = sanitize_tags(post_str("to", true));
$subject = post_str("subject", true);
$content = post_str("content", true);
}
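Review bot: Only `to` is passed through `sanitize_tags()` in this else branch; `subject` and `content` are read from the same POST request on the next two lines and are still assigned raw. The fix is therefore complete only if pm_form escapes both where it prints them, and that code is outside this hunk. If it does not, give them the same treatment, e.g. `$subject = sanitize_tags(post_str("subject", true));`. Stripping tags may also fall short if `$writeto` is later written into an attribute value such as an input's `value="..."`, where quote characters matter; `htmlspecialchars($writeto, ENT_QUOTES)` at the point of output would cover that context. The body of pm_form starts and ends outside the hunk, so the output side should be checked against these assignments.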