Actions
Bug #2388
closedBackend: more htmlspecialchars missing
Description
admin.cbgroupjive.php function showConfig : missing htmlspecialchars for input values everywhere (around 30 places):
e.g.
$input['general_title'] = '<input type="text" id="general_title" name="general_title" value="' . $plugin->params->get( 'general_title', $plugin->name ) . '" class="inputbox" size="25" />';
should be:
$input['general_title'] = '<input type="text" id="general_title" name="general_title" value="' . htmlspecialchars( $plugin->params->get( 'general_title', $plugin->name ) ) . '" class="inputbox" size="25" />';
Updated by krileon almost 14 years ago
- Status changed from New to Resolved
- Assignee changed from krileon to beat
- % Done changed from 0 to 100
Fixed in r1611
Actions