it's not a high level vuln, maybe medium or low
line 37
echo __("FATAL: Spike Kill method '%s' is Invalid\n", get_nfilter_request_var('method'));
should change into
echo __("FATAL: Spike Kill method '%s' is Invalid\n", htmlspecialchars(get_nfilter_request_var('method')));
I should found this at issue 877, I'm sorry for the delay
chen ruiqi
codesafe team of qihoo 360
The text was updated successfully, but these errors were encountered:
it's not a high level vuln, maybe medium or low

line 37
echo __("FATAL: Spike Kill method '%s' is Invalid\n", get_nfilter_request_var('method'));
should change into
echo __("FATAL: Spike Kill method '%s' is Invalid\n", htmlspecialchars(get_nfilter_request_var('method')));
I should found this at issue 877, I'm sorry for the delay
chen ruiqi
codesafe team of qihoo 360
The text was updated successfully, but these errors were encountered: