Skip to content

Commit

Permalink
Fix EZP-20206/EZSA-2013-006: Xss vulnerability on user/login
Browse files Browse the repository at this point in the history 
http://share.ez.no/community-project/security-advisories/ezsa-2013-006-xss-vulnerability-on-user-login
  • Loading branch information
@andrerom
andrerom committed Aug 8, 2013
1 parent 4c2ffdc commit 099b42a
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion packages/ezwebin_extension/ezextension/ezwebin/design/ezwebin/templates/user/login.tpl
View file
Expand Up @@ -65,7 +65,7 @@

{if and( is_set( $User:post_data ), is_array( $User:post_data ) )}
{foreach $User:post_data as $key => $postData}
<input name="Last_{$key}" value="{$postData}" type="hidden" /><br/>
<input name="Last_{$key|wash}" value="{$postData|wash}" type="hidden" /><br/>
{/foreach}
{/if}

Expand Down

0 comments on commit 099b42a

Please sign in to comment.