firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

그누보드 Stored XSS 취약점(KVE-2019-1198) 수정

Browse Source
This commit is contained in:
thisgun
2019-08-29 14:44:47 +09:00
parent c2922aaa13
commit 3c55c4d60d
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
adm/qa_config_update.php
View File

@ -50,6 +50,8 @@ if( $qa_include_tail && ! is_include_path_check($qa_include_tail, 1) ){
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 하단 파일 경로에 포함시킬수 없습니다.';
}
$_POST['qa_title'] = strip_tags($_POST['qa_title']);
$sql = " update {$g5['qa_config_table']}
set qa_title = '{$_POST['qa_title']}',
qa_category = '{$_POST['qa_category']}',