[KVE-2020-1597, 2021-0016] 그누보드 다중 취약점 수정

2021-01-13 11:48:34 +09:00
parent b01e04a91e
commit 102715421f
7 changed files with 33 additions and 34 deletions
--- a/adm/sms_admin/form_group.php
+++ b/adm/sms_admin/form_group.php
@ -136,7 +136,7 @@ function grouplist_submit(f)
        </td>
        <td class="td_left">
            <label for="fg_name_<?php echo $i; ?>" class="sound_only">그룹명</label>
-            <input type="text" name="fg_name[<?php echo $i; ?>]" value="<?php echo $group[$i]['fg_name']?>" id="fg_name_<?php echo $i; ?>" class="frm_input">
+            <input type="text" name="fg_name[<?php echo $i; ?>]" value="<?php echo get_sanitize_input($group[$i]['fg_name']); ?>" id="fg_name_<?php echo $i; ?>" class="frm_input">
            <input type="checkbox" name="fg_member[<?php echo $i; ?>]" value="1" id="fg_member_<?php echo $i; ?>" <?php if ($group[$i]['fg_member']) echo 'checked';?>>
            <label for="fg_member_<?php echo $i; ?>">회원</label>
        </td>