Permalink
Browse files

Fix a cross site scripting vulnerability.

Reported by: Vulnerability Research Laboratory - Alexander Fuchs (F0x23)

Brought to our attention by Te Taipo
  • Loading branch information...
1 parent b25639f commit a5aeb0448cc333cc4b801c0e01981b218fd9c7df @haraldpdl haraldpdl committed Feb 3, 2012
@@ -57,7 +57,7 @@
if ( $OSCOM_ShoppingCart->isVariant($products['item_id']) ) {
foreach ( $OSCOM_ShoppingCart->getVariant($products['item_id']) as $variant) {
- echo '<br />- ' . $variant['group_title'] . ': ' . $variant['value_title'];
+ echo '<br />- ' . $variant['group_title'] . ': ' . HTML::outputProtected($variant['value_title']);
}
}
?>
@@ -84,7 +84,7 @@
if ( $OSCOM_ShoppingCart->isVariant($products['item_id']) ) {
foreach ( $OSCOM_ShoppingCart->getVariant($products['item_id']) as $variant) {
- echo '<br />- ' . $variant['group_title'] . ': ' . $variant['value_title'];
+ echo '<br />- ' . $variant['group_title'] . ': ' . HTML::outputProtected($variant['value_title']);
}
}

0 comments on commit a5aeb04

Please sign in to comment.