firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

[KVE-2020-1617]그누보드 Cross Site Scripting(XSS) 취약점 수정

Browse Source
This commit is contained in:
thisgun
2021-03-15 14:30:00 +09:00
parent d0b2d6811e
commit 1aedb8f805
2 changed files with 75 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
adm/config_form_update.php
View File

@ -162,7 +162,11 @@ foreach( $check_keys as $k => $v ){
if( $v === 'int' ){
$posts[$key] = $_POST[$k] = isset($_POST[$k]) ? (int) $_POST[$k] : 0;
} else {
$posts[$key] = $_POST[$k] = isset($_POST[$k]) ? $_POST[$k] : '';
if(in_array($k, array('cf_analytics', 'cf_add_meta', 'cf_add_script', 'cf_stipulation', 'cf_privacy'))){
$posts[$key] = $_POST[$k] = isset($_POST[$k]) ? $_POST[$k] : '';
} else {
$posts[$key] = $_POST[$k] = isset($_POST[$k]) ? strip_tags(clean_xss_attributes($_POST[$k])) : '';
}
}
}