firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

[KVE-2024-0021] Stored XSS 취약점 수정

Browse Source
This commit is contained in:
thisgun
2024-03-25 09:25:53 +09:00
parent 985546fbad
commit 6705d014f9
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
adm/shop_admin/itemformupdate.php
View File

@ -285,8 +285,8 @@ if($supply_count) {
$value_array = array(); $value_array = array();
$count_ii_article = (isset($_POST['ii_article']) && is_array($_POST['ii_article'])) ? count($_POST['ii_article']) : 0; $count_ii_article = (isset($_POST['ii_article']) && is_array($_POST['ii_article'])) ? count($_POST['ii_article']) : 0;
for($i=0; $i<$count_ii_article; $i++) { for($i=0; $i<$count_ii_article; $i++) {
$key = isset($_POST['ii_article'][$i]) ? strip_tags($_POST['ii_article'][$i], '<br><span><strong><b>') : ''; $key = isset($_POST['ii_article'][$i]) ? html_purifier($_POST['ii_article'][$i]) : '';
$val = isset($_POST['ii_value'][$i]) ? strip_tags($_POST['ii_value'][$i], '<br><span><strong><b>') : ''; $val = isset($_POST['ii_value'][$i]) ? html_purifier($_POST['ii_value'][$i]) : '';
$value_array[$key] = $val; $value_array[$key] = $val;
} }
$it_info_value = addslashes(serialize($value_array)); $it_info_value = addslashes(serialize($value_array));