firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

[KVE-2019-1581,1585,1586,1590,2020-0012]그누보드XSS취약점 수정

Browse Source
This commit is contained in:
thisgun
2020-02-12 11:33:53 +09:00
parent 30e0b93ecf
commit 992d3d93f4
7 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
adm/boardgroup_form_update.php
View File

@ -16,7 +16,7 @@ if (!preg_match("/^([A-Za-z0-9_]{1,10})$/", $_POST['gr_id']))
if (!$gr_subject) alert('그룹 제목을 입력하세요.');
$gr_subject = isset($_POST['gr_subject']) ? strip_tags($_POST['gr_subject']) : '';
$gr_subject = isset($_POST['gr_subject']) ? strip_tags(clean_xss_attributes($_POST['gr_subject'])) : '';
$sql_common = " gr_subject = '{$gr_subject}',
gr_device = '{$_POST['gr_device']}',