firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

[KVE-2019-1571,1573,1578,1580]그누보드 XSS 취약점 수정

Browse Source
This commit is contained in:
thisgun
2020-02-13 13:48:37 +09:00
parent 992d3d93f4
commit 120d8cf564
10 changed files with 17 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
adm/boardgroup_list_update.php
View File

@ -19,8 +19,8 @@ for ($i=0; $i<$count; $i++)
{
$k = $_POST['chk'][$i];
$gr_id = preg_replace('/[^a-z0-9_]/i', '', $_POST['group_id'][$k]);
$gr_subject = is_array($_POST['gr_subject']) ? strip_tags($_POST['gr_subject'][$k]) : '';
$gr_admin = is_array($_POST['gr_admin']) ? strip_tags($_POST['gr_admin'][$k]) : '';
$gr_subject = is_array($_POST['gr_subject']) ? strip_tags(clean_xss_attributes($_POST['gr_subject'][$k])) : '';
$gr_admin = is_array($_POST['gr_admin']) ? strip_tags(clean_xss_attributes($_POST['gr_admin'][$k])) : '';
if($_POST['act_button'] == '선택수정') {
$sql = " update {$g5['group_table']}