[KVE-2019-1366]영카트 XSS 취약점 수정

2019-09-30 17:51:37 +09:00
parent 75da28aa03
commit 545efd6c2f
1 changed files with 1 additions and 1 deletions
--- a/adm/shop_admin/personalpayform.php
+++ b/adm/shop_admin/personalpayform.php
@ -112,7 +112,7 @@ if(!sql_query(" select pp_cash from {$g5['g5_shop_personalpay_table']} limit 1 "
            </tr>
            <tr>
                <th scope="row"><label for="pp_content">내용</label></th>
-                <td><textarea name="pp_content" id="pp_content" rows="8"><?php echo $pp['pp_content']; ?></textarea></td>
+                <td><textarea name="pp_content" id="pp_content" rows="8"><?php echo html_purifier($pp['pp_content']); ?></textarea></td>
            </tr>
            </tbody>
            </table>