Fix XSS vulnerability in account registration

29b1c153 · Jared Hancock · e579d478 · 29b1c153
Commit 29b1c153 authored 10 years ago by Jared Hancock
--- a/include/client/register.inc.php
+++ b/include/client/register.inc.php
@@ -13,6 +13,7 @@ if (isset($user) && $user instanceof ClientCreateRequest) {
        'username' => $user->getUsername(),
    ));
 }
+$info = Format::htmlchars(($errors && $_POST)?$_POST:$info);

 ?>
 <h1>Account Registration</h1>