Skip to content

Commit d3f3294

Browse files
committed
fixes #177, possible XSS in Media Manager plugin
1 parent e53acde commit d3f3294

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

Diff for: fp-plugins/mediamanager/panels/panel.mediamanager.file.php

+1-1
Original file line numberDiff line numberDiff line change
@@ -233,7 +233,7 @@ function main() {
233233

234234
function onsubmit($data = NULL) {
235235
if (isset($_POST ['mm-newgallery'])) {
236-
$newgallery = $_POST ['mm-newgallery-name'];
236+
$newgallery = strip_tags($_POST ['mm-newgallery-name']);
237237
if ($newgallery == "") {
238238
$this->smarty->assign('success', -3);
239239
return 2;

0 commit comments

Comments
 (0)