Fix XSS vulnerability

ZF-Commons · Jan 8, 2015 · baf0e46 · baf0e46
1 parent 1827610
commit baf0e46
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/view/zfc-user/user/login.phtml b/view/zfc-user/user/login.phtml
@@ -28,5 +28,5 @@ $form->setAttribute('method', 'post');
 <?php echo $this->form()->closeTag() ?>
 
 <?php if ($this->enableRegistration) : ?>
-<?php echo $this->translate('Not registered?'); ?> <a href="<?php echo $this->url('zfcuser/register') . ($this->redirect ? '?redirect='.$this->redirect : '') ?>"><?php echo $this->translate('Sign up!'); ?></a>
+<?php echo $this->translate('Not registered?'); ?> <a href="<?php echo $this->url('zfcuser/register') . ($this->redirect ? '?redirect='.$this->escapeUrl($this->redirect) : '') ?>"><?php echo $this->translate('Sign up!'); ?></a>
 <?php endif; ?>