Dotclear


Timestamp:
01/12/18 07:57:00 (6 years ago)
Author:
franck <carnet.franck.paul@…>
Branch:
default
Children:
3650:11cb6291eea7, 3651:6980a7a06518
Message:

Fix potential XSS - thanks Trí Chim Trích for report

File:
1 edited

  • admin/auth.php

    r3627 r3649  
    8383{ 
    8484     $user_id = !empty($_POST['user_id']) ? $_POST['user_id'] : null; 
    85      $user_email = !empty($_POST['user_email']) ? $_POST['user_email'] : ''; 
     85     $user_email = !empty($_POST['user_email']) ? html::escapeHTML($_POST['user_email']) : ''; 
    8686     try 
    8787     { 
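
Review bot: On new line 85, html::escapeHTML() is applied at the moment $_POST['user_email'] is read, so $user_email carries the HTML-encoded value into every later use, not only into the markup that echoes it back. The hunk does not show how the variable is consumed inside the try block that follows; if it is compared against a stored address or handed to a mail routine there, an address containing a character such as & or < would no longer match its original form. Consider keeping the raw value in $user_email and calling html::escapeHTML($user_email) at the point where it is written into the page, which keeps the encoding tied to the output context. The same question applies to $user_id on line 84, which is still read from $_POST without escaping: confirm it is encoded wherever it is rendered.
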