그누보드 XSS 취약점(KVE-2019-1235,1236,1238)

2019-08-29 12:23:29 +09:00
parent 120d42c431
commit c2922aaa13
2 changed files with 2 additions and 2 deletions
--- a/adm/qa_config.php
+++ b/adm/qa_config.php
@ -306,7 +306,7 @@ if(!isset($qaconfig['qa_include_head'])) {
        <tr>
            <th scope="row"><label for="qa_insert_content">글쓰기 기본 내용</label></th>
            <td>
-                <textarea id="qa_insert_content" name="qa_insert_content" rows="5"><?php echo $qaconfig['qa_insert_content'] ?></textarea>
+                <textarea id="qa_insert_content" name="qa_insert_content" rows="5"><?php echo html_purifier($qaconfig['qa_insert_content']); ?></textarea>
            </td>
        </tr>
        <?php for ($i=1; $i<=5; $i++) { ?>