영카트 Reflected XSS (17-0789) 취약점 수정

gnuboard · Nov 7, 2017 · de13931 · de13931
1 parent 0972f36
commit de13931
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/adm/menu_form.php b/adm/menu_form.php
@@ -8,6 +8,8 @@
 $g5['title'] = '메뉴 추가';
 include_once(G5_PATH.'/head.sub.php');
 
+$code = isset($code) ? preg_replace('/[^0-9a-zA-Z]/', '', strip_tags($code)) : '';
+
 // 코드
 if($new == 'new' || !$code) {
     $code = base_convert(substr($code,0, 2), 36, 10);