From 4c999721bbaec97694be5b7e2f43110e85518dae Mon Sep 17 00:00:00 2001
From: chicpro <chicpro@sir.co.kr>
Date: Fri, 24 Jul 2015 09:53:40 +0900
Subject: [PATCH] =?UTF-8?q?XSS=20=EC=B7=A8=EC=95=BD=EC=A0=90=20=EC=88=98?=
 =?UTF-8?q?=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bbs/password.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bbs/password.php b/bbs/password.php
index b29681143..ffd2a55b4 100644
--- a/bbs/password.php
+++ b/bbs/password.php
@@ -51,7 +51,7 @@ $sql = " select wr_subject from {$write_table}
                       and wr_is_comment = 0 ";
 $row = sql_fetch($sql);
 
-$g5['title'] = $row['wr_subject'];
+$g5['title'] = get_text($row['wr_subject']);
 
 include_once($member_skin_path.'/password.skin.php');