Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
$kind 변수를 이용한 XSS 취약점 수정 (Pocas님,211214)
  • Loading branch information
@kagla
kagla committed Dec 14, 2021
1 parent 796b6d9 commit 2e81619
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion bbs/memo.php
View file
Expand Up @@ -15,8 +15,10 @@
$unkind = 'send';
else if ($kind == 'send')
$unkind = 'recv';
else
else {
$kind = clean_xss_tags(trim($kind));
alert(''.$kind .'값을 넘겨주세요.');
}

if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)

Expand Down

2 comments on commit 2e81619

@P0cas
Copy link

@P0cas P0cas commented on 2e81619 Dec 14, 2021
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks you for to patch. and Can I assign a CVE and publish it?

@gnuboard
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks you for to patch. and Can I assign a CVE and publish it?Can I assign a CVE and publish it?

You can assign the CVE.

Please sign in to comment.