Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fixing potential XSS attack vector. Thanks to Haojun Hou in ADLab of …
…Venustech.
  • Loading branch information
timbuckingham committed Dec 5, 2016
1 parent dcf99d1 commit 59ebef5
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion core/admin/ajax/dashboard/check-module-integrity.php
Expand Up @@ -48,7 +48,7 @@
?>
<li>
<section class="integrity_errors">
<a href="<?=ADMIN_ROOT.$module["route"]."/".$action["route"]."/".$_GET["id"]?>/" target="_blank">Edit</a>
<a href="<?=ADMIN_ROOT.$module["route"]."/".$action["route"]."/".htmlspecialchars($_GET["id"])?>/" target="_blank">Edit</a>
<span class="icon_small icon_small_warning"></span>
<p>Broken <?=(($type == "img") ? "Image" : "Link")?>: <?=$error?> in field &ldquo;<?=$form["fields"][$field]["title"]?>&rdquo;</p>
</section>
Expand Down

0 comments on commit 59ebef5

Please sign in to comment.