[SASHA-Code] SF.net SVN: sasha:[96] branches/SASHA_0.2/SASHA/inc/lib/lib.base.php
Brought to you by:
gphemsley
Menu
▾
▴
[SASHA-Code] SF.net SVN: sasha:[96] branches/SASHA_0.2/SASHA/inc/lib/lib.base.php
|
From: <gph...@us...> - 2011-12-20 00:17:00
|
Revision: 96
http://sasha.svn.sourceforge.net/sasha/?rev=96&view=rev
Author: gphemsley
Date: 2011-12-20 00:16:54 +0000 (Tue, 20 Dec 2011)
Log Message:
-----------
Patch part of XSS vulnerability reported by g13net and henrisalo in issue 13.
Modified Paths:
--------------
branches/SASHA_0.2/SASHA/inc/lib/lib.base.php
Modified: branches/SASHA_0.2/SASHA/inc/lib/lib.base.php
===================================================================
--- branches/SASHA_0.2/SASHA/inc/lib/lib.base.php 2011-12-20 00:01:08 UTC (rev 95)
+++ branches/SASHA_0.2/SASHA/inc/lib/lib.base.php 2011-12-20 00:16:54 UTC (rev 96)
@@ -924,6 +924,8 @@
$instructors[$id] = "$last_name, $first_initial.";
}
}
+
+ $instructors[$id] = htmlentities( $instructors[$id], ENT_QUOTES, 'UTF-8' );
}
return implode( $glue, $instructors );
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
