firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

[KVE-2022-0120]그누보드_부적절한_권한_검증_취약점_수정

Browse Source
This commit is contained in:
thisgun
2022-06-15 16:11:06 +09:00
parent d8b6297579
commit bafa1c43bf
4 changed files with 22 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
plugin/inicert/ini_request.php
View File

@ -67,7 +67,7 @@ include_once(G5_PATH.'/head.sub.php');
<input type="hidden" name="userBirth" value="<?php echo $userBirth ?>">
<input type="hidden" name="userHash" value="<?php echo $userHash ?>">
<input type="hidden" name="mbId" value="<?php echo $member['mb_id'] ?>">
<input type="hidden" name="directAgency" value="<?php echo $_GET['directAgency']; ?>">
<input type="hidden" name="directAgency" value="<?php echo isset($_GET['directAgency']) ? clean_xss_tags($_GET['directAgency'], 1, 1) : ''; ?>">
<input type="hidden" name="successUrl" value="<?php echo $resultUrl; ?>"> <!-- 필수 값 -->
<input type="hidden" name="failUrl" value="<?php echo $resultUrl; ?>"> <!-- 필수 값 -->