[KVE-2019-1581,1585,1586,1590,2020-0012]그누보드XSS취약점 수정

2020-02-12 11:33:53 +09:00
parent 30e0b93ecf
commit 992d3d93f4
7 changed files with 14 additions and 14 deletions
--- a/adm/sms_admin/form_update.php
+++ b/adm/sms_admin/form_update.php
@ -4,8 +4,8 @@ include_once("./_common.php");

 auth_check($auth[$sub_menu], "w");

-$fo_name = isset($fo_name) ? strip_tags($fo_name) : '';
-$fo_content = isset($fo_content) ? strip_tags($fo_content) : '';
+$fo_name = isset($fo_name) ? strip_tags(clean_xss_attributes($fo_name)) : '';
+$fo_content = isset($fo_content) ? strip_tags(clean_xss_attributes($fo_content)) : '';

 $g5['title'] = "이모티콘 업데이트";