firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

[KVE-2022-0143] 그누보드 Open Redirect, Reflected XSS 취약점 수정

Browse Source
This commit is contained in:
thisgun
2022-06-16 12:29:11 +09:00
parent bafa1c43bf
commit 32e9797fef
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/common.lib.php
View File

@ -3352,7 +3352,9 @@ function check_url_host($url, $msg='', $return_url=G5_URL, $is_redirect=false)
alert('url 에 올바르지 않은 값이 포함되어 있습니다.');
}
$url = urldecode($url);
while ( ( $replace_url = preg_replace(array('/\/{2,}/', '/\\@/'), array('//', ''), urldecode($url)) ) != $url ) {
$url = $replace_url;
}
$p = @parse_url(trim($url));
$host = preg_replace('/:[0-9]+$/', '', $_SERVER['HTTP_HOST']);
$is_host_check = false;