diff --git a/adm/board_form_update.php b/adm/board_form_update.php
index c668136a5..8ddb1840c 100644
--- a/adm/board_form_update.php
+++ b/adm/board_form_update.php
@@ -80,8 +80,8 @@ $bo_category_list = isset($_POST['bo_category_list']) ? str_replace($src_char, $
 //https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치
 $str_bo_category_list = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $bo_category_list);
-$_POST['bo_subject'] = strip_tags($_POST['bo_subject']);
-$_POST['bo_mobile_subject'] = strip_tags($_POST['bo_mobile_subject']);
+$_POST['bo_subject'] = strip_tags(clean_xss_attributes($_POST['bo_subject']));
+$_POST['bo_mobile_subject'] = strip_tags(clean_xss_attributes($_POST['bo_mobile_subject']));
 $sql_common = " gr_id = '{$gr_id}', bo_subject = '{$_POST['bo_subject']}',
diff --git a/adm/board_list_update.php b/adm/board_list_update.php
index 8a5ba44ec..552f60d99 100644
--- a/adm/board_list_update.php
+++ b/adm/board_list_update.php
@@ -33,7 +33,7 @@ if ($_POST['act_button'] == "선택수정") {
 alert('최고관리자가 아닌 경우 다른 관리자의 게시판('.$board_table[$k].')은 수정이 불가합니다.');
 }
- $p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags($_POST['bo_subject'][$k]) : '';
+ $p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'][$k])) : '';
 $sql = " update {$g5['board_table']} set gr_id = '".sql_real_escape_string(strip_tags($_POST['gr_id'][$k]))."',
diff --git a/adm/contentformupdate.php b/adm/contentformupdate.php
index 41170884b..58437acda 100644
--- a/adm/contentformupdate.php
+++ b/adm/contentformupdate.php 
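Review bot: In the two `+$_POST[...]` lines, `clean_xss_attributes()` runs before `strip_tags()`, which already discards every tag together with its attributes, so the added call only changes anything for tag fragments that `strip_tags()` lets through — its definition is not part of this commit, so I cannot confirm which case it covers. A one-line comment at this first call site would spare the next reader the same question, e.g. `// clean_xss_attributes() before strip_tags(): handles attribute payloads in malformed tags that strip_tags() would otherwise leave in the text`, adjusted to what the helper actually guarantees. The same composition is repeated in the board_list_update.php, contentformupdate.php, newwinformupdate.php and point_update.php hunks. Note also that the cleaned value is still interpolated straight into `$sql_common` on the next line, while the board_list_update.php hunk escapes `gr_id` explicitly with `sql_real_escape_string()`; unless the superglobals are escaped earlier in the request, the subject should get the same treatment.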
@@ -21,7 +21,7 @@ if ($w == "" || $w == "u")
 }
 $co_id = preg_replace('/[^a-z0-9_]/i', '', $co_id);
-$co_subject = strip_tags($co_subject);
+$co_subject = strip_tags(clean_xss_attributes($co_subject));
 $co_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_head, 0, 255));
 $co_include_tail = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_tail, 0, 255));
 $co_tag_filter_use = isset($_POST['co_tag_filter_use']) ? (int) $_POST['co_tag_filter_use'] : 1;
diff --git a/adm/newwinformupdate.php b/adm/newwinformupdate.php
index fc2314800..74516634c 100644
--- a/adm/newwinformupdate.php
+++ b/adm/newwinformupdate.php
@@ -13,7 +13,7 @@ else
 check_admin_token();
-$nw_subject = isset($_POST['nw_subject']) ? strip_tags($_POST['nw_subject']) : '';
+$nw_subject = isset($_POST['nw_subject']) ? strip_tags(clean_xss_attributes($_POST['nw_subject'])) : '';
 $sql_common = " nw_division = '{$_POST['nw_division']}', nw_device = '{$_POST['nw_device']}',
diff --git a/adm/point_update.php b/adm/point_update.php
index 571a1dfa6..ac1a70411 100644
--- a/adm/point_update.php
+++ b/adm/point_update.php
@@ -6,9 +6,9 @@ auth_check($auth[$sub_menu], 'w');
 check_admin_token();
-$mb_id = strip_tags($_POST['mb_id']);
-$po_point = strip_tags($_POST['po_point']);
-$po_content = strip_tags($_POST['po_content']);
+$mb_id = strip_tags(clean_xss_attributes($_POST['mb_id']));
+$po_point = strip_tags(clean_xss_attributes($_POST['po_point']));
+$po_content = strip_tags(clean_xss_attributes($_POST['po_content']));
 $expire = preg_replace('/[^0-9]/', '', $_POST['po_expire_term']);
 $mb = get_member($mb_id);
diff --git a/adm/sms_admin/form_write.php b/adm/sms_admin/form_write.php
index 6191bd59d..b8e4913f7 100644
--- a/adm/sms_admin/form_write.php
+++ b/adm/sms_admin/form_write.php 
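Review bot: `$po_point` is a point amount, yet the new `+$po_point = strip_tags(clean_xss_attributes($_POST['po_point']));` in the point_update.php hunk keeps it as a free-form string; the same hunk already whitelists `$expire` with a digit-only `preg_replace`, so the consistent form is a cast that also keeps the sign: `$po_point = isset($_POST['po_point']) ? (int) $_POST['po_point'] : 0;`. The three `$_POST` reads in that hunk also have no `isset()` guard, unlike `$nw_subject` in the newwinformupdate.php hunk, so a request missing a field raises a notice before the value is used. Whether `get_member($mb_id)` on the last context line escapes its argument is outside this hunk.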
@@ -6,6 +6,8 @@ auth_check($auth[$sub_menu], "w");
 $g5['title'] = "이모티콘 ";
+$fg_no = isset($fg_no) ? (int) $fg_no : '';
+
 if ($w == 'u' && is_numeric($fo_no)) {
 $write = sql_fetch("select * from {$g5['sms5_form_table']} where fo_no='$fo_no'");
 $g5['title'] .= '수정';
diff --git a/adm/sms_admin/num_book.php b/adm/sms_admin/num_book.php
index 567e05f00..f4338c307 100644
--- a/adm/sms_admin/num_book.php
+++ b/adm/sms_admin/num_book.php
@@ -16,6 +16,8 @@ if ($page < 1) $page = 1;
 $bg_no = isset($bg_no) ? (int) $bg_no : 0;
 $st = isset($st) ? preg_replace('/[^a-z0-9]/i', '', $st) : '';
+$sql_korean = $sql_group = $sql_search = $sql_no_hp = '';
+
 if (is_numeric($bg_no))
 $sql_group = " and bg_no='$bg_no' ";
 else
@@ -127,9 +129,9 @@ function no_hp_click(val) onclick="no_hp_click(this.checked)">
diff --git a/adm/sms_admin/sms_write_form.php b/adm/sms_admin/sms_write_form.php
index fdbf64c91..103535b5e 100644
--- a/adm/sms_admin/sms_write_form.php
+++ b/adm/sms_admin/sms_write_form.php
@@ -7,6 +7,8 @@ while ($res = sql_fetch_array($qry))
 array_push($group, $res);
 $res = sql_fetch("select count(*) as cnt from `{$g5['sms5_form_table']}` where fg_no=0");
 $no_count = $res['cnt'];
+
+$fg_no = isset($fg_no) ? (int) $fg_no : '';
 ?>
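Review bot: The new `+$fg_no = isset($fg_no) ? (int) $fg_no : '';` gives `$fg_no` two types, `int` when supplied and `''` otherwise, while the num_book.php hunk in this same commit initialises `$bg_no` with `: 0`; the sms_write_form.php hunk repeats the `''` form. If nothing downstream distinguishes "not supplied" from `0`, `$fg_no = isset($fg_no) ? (int) $fg_no : 0;` keeps the variable a plain integer in every branch; if the distinction is needed, a short comment saying so would stop the next reader from normalising it. Where `$fg_no` is populated from is not visible in the hunk.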
diff --git a/bbs/memo_view.php b/bbs/memo_view.php
index 144e98f43..be6bebc4f 100644
--- a/bbs/memo_view.php
+++ b/bbs/memo_view.php
@@ -31,14 +31,17 @@ else
 alert($kind.' 값을 넘겨주세요.');
 }
-$g5['title'] = $t.' 쪽지 보기';
-include_once(G5_PATH.'/head.sub.php');
-
 $sql = " select * from {$g5['memo_table']} where me_id = '$me_id' and me_{$kind}_mb_id = '{$member['mb_id']}' ";
 $memo = sql_fetch($sql);
+set_session('ss_memo_delete_token', $token = uniqid(time()));
+$del_link = 'memo_delete.php?me_id='.$memo['me_id'].'&token='.$token.'&kind='.$kind;
+
+$g5['title'] = $t.' 쪽지 보기';
+include_once(G5_PATH.'/head.sub.php');
+
 // 이전 쪽지
 $sql = " select me.*, a.rownum from `{$g5['memo_table']}` as me inner join ( select me_id , (@rownum:=@rownum+1) as rownum from `{$g5['memo_table']}` as memo, (select @rownum:=0) tmp where me_{$kind}_mb_id = '{$member['mb_id']}' and memo.me_type = '$kind' order by me_id desc ) as a on a.me_id = me.me_id where me.me_id < '$me_id' and me.me_{$kind}_mb_id = '{$member['mb_id']}' and me.me_type = '$kind' order by me.me_id desc limit 1 ";
diff --git a/common.php b/common.php
index 9a9690644..3136cabb6 100644
--- a/common.php
+++ b/common.php 
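Review bot: The delete token in `+set_session('ss_memo_delete_token', $token = uniqid(time()));` is derived from the clock, so it is not unpredictable in the way a per-action token should be; if the PHP baseline allows it, `set_session('ss_memo_delete_token', $token = bin2hex(random_bytes(16)));` yields a token of the same string shape from the CSPRNG, and otherwise whatever random-token helper the project already uses is preferable to `uniqid()`. `$del_link` is also built before anything checks that `sql_fetch()` returned a row, so if `$memo` is empty the link is emitted with an empty `me_id`; building it only once `$memo` is known to be non-empty avoids that. The reordering that moves `$g5['title']` and the `head.sub.php` include below `set_session()` looks intentional, presumably so the session write happens before output starts; a one-line comment such as `// set the session token before head.sub.php emits output` would record that. How memo_delete.php validates the token is outside this diff.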
@@ -306,12 +306,14 @@ if( $config['cf_cert_use'] || (defined('G5_YOUNGCART_VER') && G5_YOUNGCART_VER)
 if(!function_exists('session_start_samesite')) {
 function session_start_samesite($options = array()) {
+ global $g5;
+
 $res = @session_start($options);
- // IE 브라우저 또는 엣지브라우저 일때는 secure; SameSite=None 을 설정하지 않습니다.
- if( preg_match('/Edge/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~MSIE|Internet Explorer~i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~Trident/7.0(; Touch)?; rv:11.0~',$_SERVER['HTTP_USER_AGENT']) ){
- return $res;
- }
+ // IE 브라우저 또는 엣지브라우저 일때는 secure; SameSite=None, http 환경에서는 설정하지 않습니다.
+ if( preg_match('/Edge/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~MSIE|Internet Explorer~i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~Trident/7.0(; Touch)?; rv:11.0~',$_SERVER['HTTP_USER_AGENT']) || ! (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on') ){
+ return $res;
+ }
 $headers = headers_list();
 krsort($headers);
@@ -319,6 +321,7 @@ if( $config['cf_cert_use'] || (defined('G5_YOUNGCART_VER') && G5_YOUNGCART_VER)
 if (!preg_match('~^Set-Cookie: PHPSESSID=~', $header)) continue;
 $header = preg_replace('~; secure(; HttpOnly)?$~', '', $header) . '; secure; SameSite=None';
 header($header, false);
+ $g5['session_cookie_samesite'] = 'none';
 break;
 }
 return $res;
diff --git a/config.php b/config.php
index c69f2fede..71cd705a1 100644
--- a/config.php
+++ b/config.php
@@ -5,8 +5,8 @@
 ********************/
 define('G5_VERSION', '그누보드5');
-define('G5_GNUBOARD_VER', '5.4.1.9');
-define('G5_YOUNGCART_VER', '5.4.1.9');
+define('G5_GNUBOARD_VER', '5.4.2');
+define('G5_YOUNGCART_VER', '5.4.2');
 // 이 상수가 정의되지 않으면 각각의 개별 페이지는 별도로 실행될 수 없음
 define('_GNUBOARD_', true);
diff --git a/lib/common.lib.php b/lib/common.lib.php
index e196d9432..9846b15c0 100644
--- a/lib/common.lib.php
+++ b/lib/common.lib.php 
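Review bot: The new HTTPS test in the `+ if( preg_match(...` line, `isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on'`, only recognises the literal `on`; PHP documents `$_SERVER['HTTPS']` as any non-empty value for a TLS request, with some SAPIs setting `1` and IIS setting `off` for plain HTTP, so those deployments would skip the `secure; SameSite=None` rewrite on a genuinely secure request. `!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'` covers the documented cases and uses a strict comparison. Deployments that terminate TLS at a proxy will also look like plain HTTP here; if that is a supported setup, the detection belongs in one shared place rather than in this condition, since trusting forwarded headers needs its own configuration. In the second hunk, `$g5['session_cookie_samesite'] = 'none'` is only reached on the rewrite path, which is fine, but a short comment naming its consumer (`set_session()` in lib/common.lib.php, per this commit) would help the next reader.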
@@ -116,11 +116,13 @@ function goto_url($url)
 // 세션변수 생성
 function set_session($session_name, $value)
 {
+ global $g5;
+
 static $check_cookie = null;
 if( $check_cookie === null ){
 $cookie_session_name = session_name();
- if( ! ($cookie_session_name && isset($_COOKIE[$cookie_session_name]) && $_COOKIE[$cookie_session_name]) && ! headers_sent() ){
+ if( ! isset($g5['session_cookie_samesite']) && ! ($cookie_session_name && isset($_COOKIE[$cookie_session_name]) && $_COOKIE[$cookie_session_name]) && ! headers_sent() ){
 @session_regenerate_id(false);
 }
diff --git a/mobile/skin/member/basic/memo_view.skin.php b/mobile/skin/member/basic/memo_view.skin.php
index e555125a9..17fee28de 100644
--- a/mobile/skin/member/basic/memo_view.skin.php
+++ b/mobile/skin/member/basic/memo_view.skin.php
@@ -39,7 +39,7 @@ add_stylesheet('',
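Review bot: The added `! isset($g5['session_cookie_samesite'])` guard in the `+ if(` line silently disables `session_regenerate_id()` whenever `session_start_samesite()` rewrote the session cookie, and nothing says why; the likely reason, inferred from the common.php hunk, is that a regenerated id would re-send `Set-Cookie: PHPSESSID` without the `secure; SameSite=None` attributes added there. A comment on the condition would make that contract explicit, e.g. `// skip regeneration when session_start_samesite() already rewrote the cookie header; a new id would re-issue PHPSESSID without secure/SameSite=None`. Since this also drops the first-request id rotation on that path, it is worth confirming that the id issued by `session_start()` itself is the only one the client can hold at this point; the rest of `set_session()` continues outside the hunk.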
  • 시간
  • 목록
  • -
  • 삭제
  • +
  • 삭제
  • diff --git a/skin/member/basic/memo_view.skin.php b/skin/member/basic/memo_view.skin.php index e555125a9..17fee28de 100644 --- a/skin/member/basic/memo_view.skin.php +++ b/skin/member/basic/memo_view.skin.php @@ -39,7 +39,7 @@ add_stylesheet('',
  • 시간
  • 목록
  • -
  • 삭제
  • +
  • 삭제
  • diff --git a/skin/outlogin/basic/style.css b/skin/outlogin/basic/style.css index fed39d8da..f233abd23 100644 --- a/skin/outlogin/basic/style.css +++ b/skin/outlogin/basic/style.css @@ -8,6 +8,7 @@ .ol form {padding:20px} .ol a.btn_admin {display:inline-block;padding:0 10px;height:25px;text-decoration:none;line-height:25px;vertical-align:middle} /* 관리자 전용 버튼 */ .ol a.btn_admin:focus, .ol a.btn_admin:hover {text-decoration:none} +.ol .login-sns{padding-bottom:0px} #ol_before {} #ol_before:after {display:block;visibility:hidden;clear:both;content:""} diff --git a/skin/social/style.css b/skin/social/style.css index 155b5b532..d984ac9b9 100644 --- a/skin/social/style.css +++ b/skin/social/style.css @@ -7,7 +7,7 @@ .bg-warning3 {background:#fff8dc;border:1px solid #f1e4b2} /* SNS LOGIN */ -.login-sns {margin-top:5px;border:1px solid #dde7e9;border-bottom:1px solid #dde7e9;clear:both;background:#fff} +.login-sns {padding-bottom:10px;margin-top:5px;border:1px solid #dde7e9;border-bottom:1px solid #dde7e9;clear:both;background:#fff} .login-sns h3 {padding-top:10px;text-align:center;color:#777;font-weight:normal} .sns-wrap {margin:10px 0 0;text-align:center} .sns-icon {display:inline-block;vertical-align:middle;text-decoration:none} diff --git a/theme/basic/mobile/skin/member/basic/memo_view.skin.php b/theme/basic/mobile/skin/member/basic/memo_view.skin.php index e555125a9..17fee28de 100644 --- a/theme/basic/mobile/skin/member/basic/memo_view.skin.php +++ b/theme/basic/mobile/skin/member/basic/memo_view.skin.php @@ -39,7 +39,7 @@ add_stylesheet('',
  • 시간
  • 목록
  • -
  • 삭제
  • +
  • 삭제
  • diff --git a/theme/basic/skin/member/basic/memo_view.skin.php b/theme/basic/skin/member/basic/memo_view.skin.php index e555125a9..17fee28de 100644 --- a/theme/basic/skin/member/basic/memo_view.skin.php +++ b/theme/basic/skin/member/basic/memo_view.skin.php @@ -39,7 +39,7 @@ add_stylesheet('',
  • 시간
  • 목록
  • -
  • 삭제
  • +
  • 삭제
  • diff --git a/theme/basic/skin/outlogin/basic/style.css b/theme/basic/skin/outlogin/basic/style.css index fed39d8da..f233abd23 100644 --- a/theme/basic/skin/outlogin/basic/style.css +++ b/theme/basic/skin/outlogin/basic/style.css @@ -8,6 +8,7 @@ .ol form {padding:20px} .ol a.btn_admin {display:inline-block;padding:0 10px;height:25px;text-decoration:none;line-height:25px;vertical-align:middle} /* 관리자 전용 버튼 */ .ol a.btn_admin:focus, .ol a.btn_admin:hover {text-decoration:none} +.ol .login-sns{padding-bottom:0px} #ol_before {} #ol_before:after {display:block;visibility:hidden;clear:both;content:""}