Skip to content
Permalink
Browse files Browse the repository at this point in the history
Prevent XSS on Kanban
  • Loading branch information
trasher committed Mar 2, 2021
1 parent df91eab commit e7802fc
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions ajax/kanban.php
Expand Up @@ -47,6 +47,8 @@
parse_str($input, $_REQUEST);
}

$_REQUEST = Toolbox::clean_cross_side_scripting_deep($_REQUEST);

if (!isset($_REQUEST['action'])) {
Toolbox::logError("Missing action parameter");
http_response_code(400);
Expand Down

0 comments on commit e7802fc

Please sign in to comment.