Fix several XSS vulnerabilities
In both the client and staff interfaces, where the URL and request parameters were echo'd back without any escaping
Showing
- include/client/edit.inc.php 1 addition, 1 deletioninclude/client/edit.inc.php
- include/client/tickets.inc.php 1 addition, 1 deletioninclude/client/tickets.inc.php
- include/staff/pwreset.login.php 1 addition, 1 deletioninclude/staff/pwreset.login.php
- include/staff/tickets.inc.php 1 addition, 1 deletioninclude/staff/tickets.inc.php
Loading
Please register or sign in to comment