From 061e73c014e4304c8220216487183517bfe13484 Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Tue, 18 Dec 2018 12:26:12 +0900
Subject: [PATCH] =?UTF-8?q?KVE-2018-1316=20=EC=B7=A8=EC=95=BD=EC=A0=90=20?=
 =?UTF-8?q?=EB=8B=A4=EC=8B=9C=20=EC=9E=AC=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 lib/common.lib.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lib/common.lib.php b/lib/common.lib.php
index 2ee0ad6c3..3ecde78c9 100644
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@@ -2885,10 +2885,12 @@ function clean_xss_tags($str)
 {
     $str_len = strlen($str);
     
+    $i = 0;
     while($i <= $str_len){
         $result = preg_replace('#</*(?:applet|b(?:ase|gsound|link)|embed|frame(?:set)?|i(?:frame|layer)|l(?:ayer|ink)|meta|object|s(?:cript|tyle)|title|xml)[^>]*+>#i', '', $str);
-        if((string)$result === (string)$str)
-            break;
+
+        if((string)$result === (string)$str) break;
+
         $str = $result;
         $i++;
     }