Skip to content
Permalink
Browse files Browse the repository at this point in the history
Security: Add script tags filter for users invitations in social network
  • Loading branch information
ywarnier committed Jul 20, 2021
1 parent dfae49f commit de43a77
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions main/inc/lib/social.lib.php
Expand Up @@ -662,6 +662,7 @@ public static function sendInvitationToUser($userId, $subject = '', $content = '
$user_info = api_get_user_info($userId);
$success = get_lang('MessageSentTo');
$success .= ' : '.api_get_person_name($user_info['firstName'], $user_info['lastName']);
$content = strip_tags($content);

if (isset($subject) && isset($content) && isset($userId)) {
$result = MessageManager::send_message($userId, $subject, $content);
Expand Down

0 comments on commit de43a77

Please sign in to comment.