[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Noalyss-commit] [noalyss] 02/06: Security fix : f_id is a number
From: |
Dany De Bontridder |
Subject: |
[Noalyss-commit] [noalyss] 02/06: Security fix : f_id is a number |
Date: |
Sun, 3 Jun 2018 07:02:29 -0400 (EDT) |
sparkyx pushed a commit to annotated tag rel7006
in repository noalyss.
commit 65be169d34b787d26db7955b860ffc2370d53dae
Author: Dany De Bontridder <address@hidden>
Date: Sat Jun 2 08:33:03 2018 +0200
Security fix : f_id is a number
---
include/lib/html_input.class.php | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/lib/html_input.class.php b/include/lib/html_input.class.php
index a69eaaf..3fffb05 100755
--- a/include/lib/html_input.class.php
+++ b/include/lib/html_input.class.php
@@ -826,6 +826,7 @@ class HtmlInput
static function title_box($p_name, $p_div, $p_mod="close", $p_js="",
$p_draggable="n")
{
+ $p_div=strip_tags($p_div);
$r='<div class="bxbutton">';
// If draggable : display a icon to unpin and move the dialog box
- [Noalyss-commit] [noalyss] annotated tag rel7006 created (now 6f66015), Dany De Bontridder, 2018/06/03
- [Noalyss-commit] [noalyss] 02/06: Security fix : f_id is a number,
Dany De Bontridder <=
- [Noalyss-commit] [noalyss] 04/06: translation, Dany De Bontridder, 2018/06/03
- [Noalyss-commit] [noalyss] 01/06: Security fix : f_id is a number, Dany De Bontridder, 2018/06/03
- [Noalyss-commit] [noalyss] 05/06: CFGLED : security fix : remove $_REQUEST, Dany De Bontridder, 2018/06/03
- [Noalyss-commit] [noalyss] 03/06: Task #1619 : CFGLED change label for "Donner ici la fiche du compte en banque", Dany De Bontridder, 2018/06/03
- [Noalyss-commit] [noalyss] 06/06: CFGLED : cosmetic, Dany De Bontridder, 2018/06/03