aboutsummaryrefslogtreecommitdiffstats
path: root/admin
diff options
context:
space:
mode:
authorrub <rub@piwigo.org>2007-01-03 23:28:09 +0000
committerrub <rub@piwigo.org>2007-01-03 23:28:09 +0000
commit60bcda3564dd3e2f9d74a0980b95290f373e6817 (patch)
treedb91e3861d24b74c3fd28d9ce867c825cf499105 /admin
parentaa5f1e3358e0123d785755d90d25a5cee340f754 (diff)
Fixed: HTML vulnerability (Cross Site Scripting)
git-svn-id: http://piwigo.org/svn/trunk@1696 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'admin')
-rw-r--r--admin/user_list.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/admin/user_list.php b/admin/user_list.php
index 101c4df7a..69d46e6d2 100644
--- a/admin/user_list.php
+++ b/admin/user_list.php
@@ -477,7 +477,7 @@ $template->assign_vars(
'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=user_list',
'F_ADD_ACTION' => $base_url,
- 'F_USERNAME' => @$_GET['username'],
+ 'F_USERNAME' => @htmlentities($_GET['username']),
'F_FILTER_ACTION' => PHPWG_ROOT_PATH.'admin.php'
));