Skip to content
Permalink
Browse files
Fix reflected XSS vulnerability
  • Loading branch information
jekkos committed Sep 28, 2021
1 parent 6ef764d commit 2b031e646693eac8687de8e90835fc1af4201f7f
Showing 1 changed file with 4 additions and 4 deletions.
@@ -37,11 +37,11 @@ public function send()

if($response)
{
echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('messages_successfully_sent') . ' ' . $phone));
echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('messages_successfully_sent') . ' ' . $this->xss_clean($phone)));
}
else
{
echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('messages_unsuccessfully_sent') . ' ' . $phone));
echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('messages_unsuccessfully_sent') . ' ' . $this->xss_clean($phone)));
}
}

@@ -54,11 +54,11 @@ public function send_form($person_id = -1)

if($response)
{
echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('messages_successfully_sent') . ' ' . $phone, 'person_id' => $this->xss_clean($person_id)));
echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('messages_successfully_sent') . ' ' . $this->xss_clean($phone), 'person_id' => $this->xss_clean($person_id)));
}
else
{
echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('messages_unsuccessfully_sent') . ' ' . $phone, 'person_id' => -1));
echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('messages_unsuccessfully_sent') . ' ' . $this->xss_clean($phone), 'person_id' => -1));
}
}
}

0 comments on commit 2b031e6

Please sign in to comment.