Permalink
Browse files

fix security vulnerability in search method, reported by pang0lin

  • Loading branch information...
dleffler committed Nov 3, 2016
1 parent e7b6856 commit e83721a5b9fcc88e1141a8fb29c3d1bd522257c1
Showing with 1 addition and 1 deletion.
  1. +1 −1 framework/modules/search/controllers/searchController.php
@@ -58,7 +58,7 @@ public function search()
if (get_magic_quotes_gpc()) {
$terms = stripslashes($terms);
}
$terms = htmlspecialchars($terms);
$terms = expString::escape(htmlspecialchars($terms));
if ($router->current_url == substr(URL_FULL, 0, -1)) { // give us a user friendly url
unset($router->params['int']);

0 comments on commit e83721a

Please sign in to comment.