Fix XSS in timeline_inc.php
Use of $_SERVER['PHP_SELF'] and outputting it as-is allows an attacker to inject arbitrary JavaScript as part of the URL. Using SCRIPT_NAME and passing it through string_sanitize_url() instead prevents the attack.

Fixes #22742
Fixes #1094
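To illustrate the pattern the commit message describes, here is an added example that is not MantisBT's code and not the contents of this commit: the vulnerable form-action construction built from PHP_SELF next to a hardened version that reads SCRIPT_NAME and escapes it on output. The helper `safe_script_path()` is an assumed stand-in written for this example; it is not MantisBT's `string_sanitize_url()`, and the sample paths are constructed values so the snippet runs from the command line without a web server.

```php
<?php
// Added example, not project code. Demonstrates why echoing PHP_SELF into
// markup is an XSS sink and how the fix in the commit message closes it.

// BEFORE (vulnerable): PHP_SELF is derived from the request URI, so it can
// carry client-supplied PATH_INFO after the script name. Writing it into an
// attribute without escaping lets that client-controlled text become markup.
function vulnerable_form_action(string $php_self): string {
    return '<form action="' . $php_self . '" method="get">';
}

// Assumed stand-in sanitizer (NOT MantisBT's string_sanitize_url()):
// accept only a plain absolute path of conservative characters, reject
// traversal segments, and HTML-escape the result for attribute context.
function safe_script_path(string $path): string {
    if (!preg_match('~^/[A-Za-z0-9_./-]*$~', $path) || str_contains($path, '..')) {
        // Unexpected shape: fall back to a neutral value rather than echo it.
        $path = '/';
    }
    return htmlspecialchars($path, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// AFTER (hardened): SCRIPT_NAME is the path of the executing script as the
// server resolved it and does not include PATH_INFO. It is still passed
// through a sanitizer and escaped, because defence at the output sink
// should not depend on any one server variable being clean.
function hardened_form_action(string $script_name): string {
    return '<form action="' . safe_script_path($script_name) . '" method="get">';
}

// Demo with constructed request values (no HTTP request involved).
// A double quote after the script name is enough to break out of the
// action attribute in the vulnerable version.
$constructed_php_self    = '/timeline_inc.php/"extra';
$constructed_script_name = '/timeline_inc.php';

echo "vulnerable: " . vulnerable_form_action($constructed_php_self) . PHP_EOL;
echo "hardened:   " . hardened_form_action($constructed_script_name) . PHP_EOL;

// Even if a malformed value reached the hardened path, it is escaped:
echo "escaped:    " . hardened_form_action($constructed_php_self) . PHP_EOL;
```

Run it with `php example.php`. The first line shows the raw quote landing inside the attribute; the second emits only the script path; the third shows that a value failing the whitelist is replaced and, in any case, HTML-escaped before it reaches the page. The practical lesson is the one the commit applies: prefer the server-resolved script path over the request-derived one, and still escape at the output sink.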