Skip to content
Permalink
Browse files Browse the repository at this point in the history
Hot fix error xss
  • Loading branch information
lanhktc committed Nov 29, 2020
1 parent ab0fe23 commit 4406d40
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
4 changes: 2 additions & 2 deletions app/Plugins/Cms/Content/Admin/CmsCategoryController.php
Expand Up @@ -50,8 +50,8 @@ public function index()
'sort' => trans($this->plugin->pathPlugin.'::Category.sort'),
'action' => trans($this->plugin->pathPlugin.'::Category.admin.action'),
];
$sort_order = request('sort_order') ?? 'id_desc';
$keyword = request('keyword') ?? '';
$sort_order = sc_clean(request('sort_order') ?? 'id_desc');
$keyword = sc_clean(request('keyword') ?? '');
$arrSort = [
'id__desc' => trans($this->plugin->pathPlugin.'::Category.admin.sort_order.id_desc'),
'id__asc' => trans($this->plugin->pathPlugin.'::Category.admin.sort_order.id_asc'),
Expand Down
4 changes: 2 additions & 2 deletions app/Plugins/Cms/Content/Admin/CmsContentController.php
Expand Up @@ -48,8 +48,8 @@ public function index()
'sort' => trans($this->plugin->pathPlugin.'::Content.sort'),
'action' => trans($this->plugin->pathPlugin.'::Content.admin.action'),
];
$sort_order = request('sort_order') ?? 'id_desc';
$keyword = request('keyword') ?? '';
$sort_order = sc_clean(request('sort_order') ?? 'id_desc');
$keyword = sc_clean(request('keyword') ?? '');
$arrSort = [
'id__desc' => trans($this->plugin->pathPlugin.'::Content.admin.sort_order.id_desc'),
'id__asc' => trans($this->plugin->pathPlugin.'::Content.admin.sort_order.id_asc'),
Expand Down

1 comment on commit 4406d40

@abergmann
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CVE-2020-28457 was assigned to this commit.

Please sign in to comment.