Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fixed a potential cross-site scripting issue on the module view add p…
…age.

Thanks to High-Tech Bridge Security Research Lab for finding this and the Cross-Site Request Forgery issues.
  • Loading branch information
timbuckingham committed Jul 17, 2013
1 parent 4b0faa9 commit 8a59c2e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion core/admin/modules/developer/modules/views/add.php
@@ -1,5 +1,5 @@
<?
$id = $_GET["module"];
$id = htmlspecialchars($_GET["module"]);
$table = isset($_GET["table"]) ? $_GET["table"] : "";
$title = isset($_GET["title"]) ? htmlspecialchars($_GET["title"]) : "";

Expand Down

0 comments on commit 8a59c2e

Please sign in to comment.