Skip to content

Commit 8a59c2e

Browse files
committed
Fixed a potential cross-site scripting issue on the module view add page.
Thanks to High-Tech Bridge Security Research Lab for finding this and the Cross-Site Request Forgery issues.
1 parent 4b0faa9 commit 8a59c2e

File tree

1 file changed

+1
-1
lines changed
  • core/admin/modules/developer/modules/views

1 file changed

+1
-1
lines changed

Diff for: core/admin/modules/developer/modules/views/add.php

+1-1
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
<?
2-
$id = $_GET["module"];
2+
$id = htmlspecialchars($_GET["module"]);
33
$table = isset($_GET["table"]) ? $_GET["table"] : "";
44
$title = isset($_GET["title"]) ? htmlspecialchars($_GET["title"]) : "";
55

0 commit comments

Comments
 (0)