Skip to content

Commit

Permalink
Vulnerability fix: add strip_tags to details view in visitors module.
Browse files Browse the repository at this point in the history
  • Loading branch information
@andrzuk
andrzuk committed Jun 1, 2022
1 parent 37bfb4e commit d64fcba
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions lib/gener/view.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,7 +153,7 @@ public function build_view()
if ($ik == 'converted') $converted = $iv;
}
$main_text .= '<div>';
$main_text .= '<a href="' . $original . '" target="_blank">' . $converted . '</a>';
$main_text .= '<a href="' . strip_tags($original) . '" target="_blank">' . strip_tags($converted) . '</a>';
$main_text .= '</div>';
}
else // zwykłe dane
Expand All @@ -169,7 +169,7 @@ public function build_view()
}
else if (substr($this->row[$db_name], 0, 4) == '<img') // obrazek
{
$main_text .= $this->row[$db_name];
$main_text .= strip_tags($this->row[$db_name]);
}
else // zwykłe dane
{
Expand Down

0 comments on commit d64fcba

Please sign in to comment.