Commit c3e2ce4f authored by Kyra ツ

Fix XSS Vulnerability In "tpl.inc.php"

Another area was also outputting the unsanitized value.
parent 7044ac71
......@@ -108,7 +108,7 @@ $tpl=$msgtemplates[$selected];
<input type="hidden" name="draft_id" value=""/>
<textarea name="body" cols="21" rows="16" style="width:98%;" wrap="soft"
data-toolbar-external="#toolbar"
class="richtext draft" data-draft-namespace="tpl.<?php echo $selected; ?>"
class="richtext draft" data-draft-namespace="tpl.<?php echo Format::htmlchars($selected); ?>"
data-draft-object-id="<?php echo $tpl_id; ?>"><?php echo $info['body']; ?></textarea>
</div>
......
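Review bot: The context lines directly after the changed attribute still echo values with no escaping at the point of output: `data-draft-object-id="<?php echo $tpl_id; ?>"` and the textarea content `<?php echo $info['body']; ?>`. Given that this is a follow-up for a spot the earlier fix missed, please confirm where `$tpl_id` and `$info['body']` are sanitized before they reach this template, and if they are not, wrap them in `Format::htmlchars()` here as is now done for `$selected`. It is also worth confirming that `Format::htmlchars()` encodes double quotes, since `$selected` is written inside a double-quoted attribute value.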