Commit 6212bc9

Fixes XSS in misc.php
1 parent ded6525 commit 6212bc9

1 file changed

+1
-1
lines changed

Diff for: misc.php

+1-1
@@ -486,7 +486,7 @@
486486
$smilies = '';
487487
if($mybb->input['popup'])
488488
{ // make small popup list of smilies
489-
$editor = addslashes(htmlentities($mybb->input['editor']));
489+
$editor = preg_replace('#([^a-zA-z0-9_-]+)#', '', $mybb->input['editor']);
490490
$e = 1;
491491
$class = "trow1";
492492
$smilies = "<tr>";
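
Review bot: The character class in the added line 489 is written `a-zA-z`, and the `A-z` range covers every ASCII code point from `A` through `z`, which admits `[`, `\`, `]`, `^` and the backtick in addition to letters. Because this change also drops the `htmlentities()` and `addslashes()` calls, the allow-list is now the only filter applied to `$mybb->input['editor']`, so it should match exactly the intended set: change the range to `A-Z`, giving `#([^a-zA-Z0-9_-]+)#`. A short comment stating which characters `editor` is expected to contain would also document why stripping is used here instead of encoding.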
