[KVE-2019-0688,0689,0691,0694,0708,0709,0750,0762,0791,0802,0846] 그누보드,영카트 다중 취약점 수정

2019-05-24 10:44:48 +09:00
parent e234b990ec
commit 18d4a60e03
9 changed files with 54 additions and 24 deletions
--- a/adm/contentform.php
+++ b/adm/contentform.php
@ -86,11 +86,11 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
    </tr>
    <tr>
        <th scope="row">내용</th>
-        <td><?php echo editor_html('co_content', get_text($co['co_content'], 0)); ?></td>
+        <td><?php echo editor_html('co_content', get_text(html_purifier($co['co_content']), 0)); ?></td>
    </tr>
    <tr>
        <th scope="row">모바일 내용</th>
-        <td><?php echo editor_html('co_mobile_content', get_text($co['co_mobile_content'], 0)); ?></td>
+        <td><?php echo editor_html('co_mobile_content', get_text(html_purifier($co['co_mobile_content']), 0)); ?></td>
    </tr>
    <tr>
        <th scope="row"><label for="co_skin">스킨 디렉토리<strong class="sound_only">필수</strong></label></th>