firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

Stored XSS 취약점 수정 (17-557)

Browse Source
This commit is contained in:
thisgun
2017-08-14 17:23:23 +09:00
parent 9be00683d9
commit ad102421cb
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
bbs/qawrite.php
View File

@ -76,7 +76,10 @@ if(is_file($skin_file)) {
$content .= get_text($write['qa_content'], 0); $content .= get_text($write['qa_content'], 0);
} else { } else {
$content = get_text($write['qa_content'], 0); //$content = get_text($write['qa_content'], 0);
// KISA 취약점 권고사항 Stored XSS
$content = get_text(html_purifier($write['qa_content']), 0);
} }
$editor_html = editor_html('qa_content', $content, $is_dhtml_editor); $editor_html = editor_html('qa_content', $content, $is_dhtml_editor);