fix security vulnerability in search method, reported by pang0lin
dleffler committed Nov 3, 2016
1 parent e7b6856 commit e83721a
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion framework/modules/search/controllers/searchController.php
Expand Up @@ -58,7 +58,7 @@ public function search()
if (get_magic_quotes_gpc()) {
$terms = stripslashes($terms);
}
$terms = htmlspecialchars($terms);
$terms = expString::escape(htmlspecialchars($terms));

if ($router->current_url == substr(URL_FULL, 0, -1)) { // give us a user friendly url
unset($router->params['int']);
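Review bot: On the changed assignment in search(), $terms now carries two encodings at once: the HTML entity encoding from htmlspecialchars() and whatever expString::escape() applies on top of it, and every later use of $terms in the method receives both. Encoding at input time ties the value to a single sink. If $terms is later rendered in the page or placed in a URL, the extra escaping will leak into the output, and if it reaches a query the match runs against HTML entities rather than the text the user typed. I would keep the raw term in one variable, apply expString::escape() (or a bound parameter, if the database layer offers one) only where the query is built, and apply htmlspecialchars() only where the term is rendered. The commit message also does not name the vulnerability class or the affected sink; a short comment above the assignment saying which sink the escaping protects would let the next reader judge whether it is sufficient.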