Fix XSS injection into textarea

Dolibarr · Sep 18, 2019 · 00d5cff · 00d5cff
1 parent e52788e
commit 00d5cff
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
@@ -116,6 +116,8 @@ function testSqlAndScriptInject($val, $type)
 		$inj += preg_match('/union.+select/i', 	 $val);
 		$inj += preg_match('/(\.\.%2f)+/i',		 $val);
 	}
+	// For XSS Injection done by closing textarea to exucute content into a textarea field
+	$inj += preg_match('/<\/textarea/i', $val);
 	// For XSS Injection done by adding javascript with script
 	// This is all cases a browser consider text is javascript:
 	// When it found '<script', 'javascript:', '<style', 'onload\s=' on body tag, '="&' on a tag size with old browsers