Reflected XSS 취약점 수정

2015-06-10 13:54:53 +09:00
parent ab30d5981d
commit 1a2f4251ed
9 changed files with 93 additions and 9 deletions
--- a/adm/sms_admin/num_book_write.php
+++ b/adm/sms_admin/num_book_write.php
@ -130,7 +130,7 @@ include_once(G5_ADMIN_PATH."/admin.head.php");

 <div class="btn_confirm01 btn_confirm">
    <input type="submit" value="확인" class="btn_submit" accesskey="s" onclick="return book_submit();">
-    <a href="./num_book.php?<?php echo $_SERVER['QUERY_STRING']?>">목록</a>
+    <a href="./num_book.php?<?php echo clean_query_string($_SERVER['QUERY_STRING']); ?>">목록</a>
 </div>

 </form>