Mirrors/Sequenzia
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #135 from terokorp/hotfix/forum_xss_fix

Browse Source 
Critical: xss vulnerability on forums, adding html encoding forum post title.
This commit is contained in:
Pop 2015-01-27 03:03:15 -05:00
commit 88f0a82032
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/views/forum/show.php
View File

@ -1,4 +1,4 @@
<?php $this->provide('title', $this->forum_post->title) ?>
<?php $this->provide('title', $this->h($this->forum_post->title)) ?>
<?php if ($this->forum_post->is_locked) : ?>
<div class="status-notice">
<p><?= $this->t('.locked') ?></p>