Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fix XSS reported by C. Weiler <sak1.s3curity@gmail.com> in notice.php
  • Loading branch information
eldy committed Jun 18, 2020
1 parent de5a2d7 commit 22ca5e0
Showing 1 changed file with 3 additions and 4 deletions.
7 changes: 3 additions & 4 deletions htdocs/public/notice.php
Expand Up @@ -41,9 +41,8 @@
}
else
{
$langs->load("error");
$langs->load("other");
$langs->loadLangs(array("error", "other"));

if (GETPOST('transphrase', 'alphanohtml')) print GETPOST('transphrase', 'alphanohtml');
if (GETPOST('transkey', 'alphanohtml')) print $langs->trans(GETPOST('transkey', 'alphanohtml'));
if (GETPOST('transphrase', 'alphanohtml')) print dol_escape_htmltag(GETPOST('transphrase', 'alphanohtml'));
elseif (GETPOST('transkey', 'alphanohtml')) print dol_escape_htmltag($langs->trans(GETPOST('transkey', 'alphanohtml')));
}

0 comments on commit 22ca5e0

Please sign in to comment.