firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

KVE-2019-0828 그누보드 XSS 취약점 수정

Browse Source
This commit is contained in:
thisgun
2019-05-27 09:39:13 +09:00
parent 18d4a60e03
commit 764cb34957
3 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
adm/contentformupdate.php
View File

@ -24,6 +24,7 @@ $co_id = preg_replace('/[^a-z0-9_]/i', '', $co_id);
$co_subject = strip_tags($co_subject);
$co_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_head, 0, 255));
$co_include_tail = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_tail, 0, 255));
$co_tag_filter_use = isset($_POST['co_tag_filter_use']) ? (int) $_POST['co_tag_filter_use'] : 1;
// 관리자가 자동등록방지를 사용해야 할 경우
if (($co_row['co_include_head'] !== $co_include_head || $co_row['co_include_tail'] !== $co_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){