Skip to content

Commit

Permalink
Fix XSS vulnerability on "site name"
Browse files Browse the repository at this point in the history
  • Loading branch information
@yurabakhtin
yurabakhtin committed Aug 12, 2016
1 parent 9a4ab85 commit dd975ff
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions skins_site/_site_body_header.inc.php
View file
Expand Up @@ -17,8 +17,8 @@
<?php
if( $Settings->get( 'notification_logo' ) != '' )
{
$site_title = $Settings->get( 'notification_long_name' ) != '' ? ' title="'.$Settings->get( 'notification_long_name' ).'"' : '';
$site_name_text = '<img src="'.$Settings->get( 'notification_logo' ).'" alt="'.$Settings->get( 'notification_short_name' ).'"'.$site_title.' />';
$site_title = $Settings->get( 'notification_long_name' ) != '' ? ' title="'.format_to_output( $Settings->get( 'notification_long_name' ), 'htmlattr' ).'"' : '';
$site_name_text = '<img src="'.$Settings->get( 'notification_logo' ).'" alt="'.format_to_output( $Settings->get( 'notification_short_name' ), 'htmlattr' ).'"'.$site_title.' />';
$site_title_class = ' swhead_logo';
}
else
Expand Down

0 comments on commit dd975ff

Please sign in to comment.