external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix XSS vulnerability in "web/template/header.php".

Browse source 
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This commit is contained in:
Lukas Fleischer 2011-03-30 17:07:27 +02:00
parent 746c2b72b5
commit 0a625ae8ff
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
web/template/header.php
View file

@ -51,8 +51,8 @@
reset($SUPPORTED_LANGS); reset($SUPPORTED_LANGS);
foreach ($SUPPORTED_LANGS as $lang => $lang_name) { foreach ($SUPPORTED_LANGS as $lang => $lang_name) {
print '<a href="' print '<a href="'
. $_SERVER["PHP_SELF"]."?setlang=$lang\"" . htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES)
. " title=\"$lang_name\">" ."?setlang=$lang\" title=\"$lang_name\">"
. strtolower($lang) . "</a>\n"; . strtolower($lang) . "</a>\n";
} }
?> ?>