Skip to content

Commit

Permalink
remove xss in kb comments
Browse files Browse the repository at this point in the history
  • Loading branch information
orthagh authored and trasher committed May 5, 2020
1 parent 9f1117d commit 01189af
Showing 1 changed file with 2 additions and 12 deletions.
14 changes: 2 additions & 12 deletions inc/knowbaseitem_comment.class.php
Original file line number Diff line number Diff line change
Expand Up @@ -82,15 +82,7 @@ static function displayTabContentForItem(CommonGLPI $item, $tabnum = 1, $withtem
* @param $withtemplate integer withtemplate param (default 0)
**/
static function showForItem(CommonDBTM $item, $withtemplate = 0) {
global $DB, $CFG_GLPI;

$item_id = $item->getID();
$item_type = $item::getType();
if (isset($_GET["start"])) {
$start = intval($_GET["start"]);
} else {
$start = 0;
}
global $CFG_GLPI;

// Total Number of comments
if ($item->getType() == KnowbaseItem::getType()) {
Expand Down Expand Up @@ -309,9 +301,7 @@ static public function displayComments($comments, $cancomment, $level = 0) {
}

$html .= "<div class='item_content'>";
$html .= "<p>";
$html .= Toolbox::unclean_cross_side_scripting_deep($comment['comment']);
$html .= "</p>";
$html .= "<p>{$comment['comment']}</p>";
$html .= "</div>";
$html .= "</div>"; // displayed_content

Expand Down

0 comments on commit 01189af

Please sign in to comment.