firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

XSS 취약점 패치 및 5.0.30버전 수정내역 적용

Browse Source
This commit is contained in:
chicpro
2015-02-09 09:57:32 +09:00
parent 7ef2029a31
commit b477c2e720
11 changed files with 27 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
bbs/move_update.php
View File

@ -196,13 +196,14 @@ if ($sw == 'move')
}
$msg = '해당 게시물을 선택한 게시판으로 '.$act.' 하였습니다.';
$opener_href = './board.php?bo_table='.$bo_table.'&page='.$page.'&'.$qstr;
$opener_href = './board.php?bo_table='.$bo_table.'&page='.$page.'&'.$qstr;
$opener_href1 = str_replace('&', '&', $opener_href);
echo <<<HEREDOC
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<script>
alert("$msg");
opener.document.location.href = "$opener_href";
opener.document.location.href = "$opener_href1";
window.close();
</script>
<noscript>