Skip to content

Commit

Permalink
그누보드 Stored XSS 취약점(KVE-2019-1198) 수정
Browse files Browse the repository at this point in the history
  • Loading branch information
@thisgun
thisgun committed Aug 29, 2019
1 parent c2922aa commit 3c55c4d
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions adm/qa_config_update.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,8 @@
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 하단 파일 경로에 포함시킬수 없습니다.';
}

$_POST['qa_title'] = strip_tags($_POST['qa_title']);

$sql = " update {$g5['qa_config_table']}
set qa_title = '{$_POST['qa_title']}',
qa_category = '{$_POST['qa_category']}',
Expand Down

0 comments on commit 3c55c4d

Please sign in to comment.