그누보드 5.0.36 수정 내역 및 XSS 취약점 수정

2015-06-11 09:54:48 +09:00
parent 7110ccc12f
commit d5aca5ab93
12 changed files with 100 additions and 16 deletions
--- a/adm/sms_admin/form_write.php
+++ b/adm/sms_admin/form_write.php
@ -145,7 +145,7 @@ include_once(G5_ADMIN_PATH.'/admin.head.php');
    </div>
    <div class="btn_confirm01 btn_confirm">
        <input type="submit" value="확인" class="btn_submit" accesskey="s">
-        <a href="./form_list.php?<?php echo $_SERVER['QUERY_STRING']?>">목록</a>
+        <a href="./form_list.php?<?php echo clean_query_string($_SERVER['QUERY_STRING']); ?>">목록</a>
    </div>
 </form>