firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

그누보드 XSS 취약점 수정

Browse Source
This commit is contained in:
thisgun
2020-02-13 16:24:27 +09:00
parent 3cf0546711
commit 3c0cde3fe2
5 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
adm/point_update.php
View File

@ -6,9 +6,9 @@ auth_check($auth[$sub_menu], 'w');
check_admin_token();
$mb_id = strip_tags($_POST['mb_id']);
$po_point = strip_tags($_POST['po_point']);
$po_content = strip_tags($_POST['po_content']);
$mb_id = strip_tags(clean_xss_attributes($_POST['mb_id']));
$po_point = strip_tags(clean_xss_attributes($_POST['po_point']));
$po_content = strip_tags(clean_xss_attributes($_POST['po_content']));
$expire = preg_replace('/[^0-9]/', '', $_POST['po_expire_term']);
$mb = get_member($mb_id);