[KVE-2022-2036] Gnuboard5 관리자페이지 내 Stored XSS 취약점 수정

2022-12-01 15:22:48 +09:00
parent 21dc36199f
commit 97a8352117
8 changed files with 12 additions and 10 deletions
--- a/adm/sms_admin/form_list.php
+++ b/adm/sms_admin/form_list.php
@ -174,7 +174,7 @@ function multi_update(sel)
            <input type="checkbox" name="fo_no[]" value="<?php echo $res['fo_no']?>" id="fo_no_<?php echo $i; ?>">
        </div>
        <div class="li_preview">
-            <textarea readonly class="box_txt box_square"><?php echo $res['fo_content']?></textarea>
+            <textarea readonly class="box_txt box_square"><?php echo html_purifier($res['fo_content']); ?></textarea>
        </div>
        <div class="li_info">
            <span class="sound_only">그룹 </span><b><?php echo $group_name?></b><br>