firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

그누보드 XSS 취약점 수정

Browse Source
This commit is contained in:
thisgun
2020-02-13 16:24:27 +09:00
parent 3cf0546711
commit 3c0cde3fe2
5 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
adm/board_form_update.php
View File

@ -80,8 +80,8 @@ $bo_category_list = isset($_POST['bo_category_list']) ? str_replace($src_char, $
//https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치
$str_bo_category_list = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $bo_category_list);
$_POST['bo_subject'] = strip_tags($_POST['bo_subject']);
$_POST['bo_mobile_subject'] = strip_tags($_POST['bo_mobile_subject']);
$_POST['bo_subject'] = strip_tags(clean_xss_attributes($_POST['bo_subject']));
$_POST['bo_mobile_subject'] = strip_tags(clean_xss_attributes($_POST['bo_mobile_subject']));
$sql_common = " gr_id = '{$gr_id}',
bo_subject = '{$_POST['bo_subject']}',