
new_section vulnerability fixed

1 parent 732740e commit 40f1b4a5749a621cd27c5ca39900dbcf8701969d @oyejorge oyejorge committed Jan 2, 2013
Showing with 1 addition and 2 deletions.
  1. +1 −2 include/tool/editing_page.php
@@ -451,7 +451,6 @@ static function GetDefaultContent($type){
function NewSectionPrompt(){
global $langmessage;
-
ob_start();
echo '<div class="inline_box">';
echo '<form method="post" action="'.common::GetUrl($this->title).'">';
@@ -481,7 +480,7 @@ function NewSectionPrompt(){
echo '<p>';
echo '<input type="hidden" name="last_mod" value="'.$this->fileModTime.'" />';
- echo '<input type="hidden" name="section" value="'.$_GET['section'].'" />';
+ echo '<input type="hidden" name="section" value="'.htmlspecialchars($_GET['section']).'" />';
echo '<input type="hidden" name="cmd" value="add_section" />';
echo '<input type="submit" name="" value="'.$langmessage['save'].'" class="gpsubmit"/>';
echo ' <input type="button" name="" value="'.$langmessage['cancel'].'" class="admin_box_close gpcancel" />';
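Review bot: The changed `section` line still reads `$_GET['section']` without checking that it is set or that it is a string, and it relies on the default flags and charset of `htmlspecialchars()`, which vary between PHP versions. Passing them explicitly makes the attribute escaping independent of the runtime: `htmlspecialchars($_GET['section'], ENT_QUOTES, 'UTF-8')`. If `section` is always a numeric section index (this looks likely from its use but cannot be confirmed from the hunk), emitting `(int)$_GET['section']` would be a stricter fix than escaping. The `add_section` handler that receives this hidden field on POST should validate the value again, since the field is client-controlled. `NewSectionPrompt()` starts in the previous hunk and continues past the end of this one.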
