[KVE-2022-1984]관리자 개인결제 Stored XSS 취약점 수정

2022-11-21 10:35:35 +09:00
parent 9932b99a51
commit 311e879563
1 changed files with 1 additions and 1 deletions
--- a/adm/shop_admin/personalpayform.php
+++ b/adm/shop_admin/personalpayform.php
@ -227,7 +227,7 @@ if(!sql_query(" select pp_cash from {$g5['g5_shop_personalpay_table']} limit 1 "
            <?php } ?>
            <tr>
                <th scope="row"><label for="pp_shop_memo">상점메모</label></th>
-                <td><textarea name="pp_shop_memo" id="pp_shop_memo" rows="8"><?php echo $pp['pp_shop_memo']; ?></textarea></td>
+                <td><textarea name="pp_shop_memo" id="pp_shop_memo" rows="8"><?php echo html_purifier($pp['pp_shop_memo']); ?></textarea></td>
            </tr>
            <tr>
                <th scope="row"><label for="pp_use">사용</label></th>