diff options
author | rub <rub@piwigo.org> | 2007-01-03 23:28:09 +0000 |
---|---|---|
committer | rub <rub@piwigo.org> | 2007-01-03 23:28:09 +0000 |
commit | 60bcda3564dd3e2f9d74a0980b95290f373e6817 (patch) | |
tree | db91e3861d24b74c3fd28d9ce867c825cf499105 /admin | |
parent | aa5f1e3358e0123d785755d90d25a5cee340f754 (diff) |
Fixed: HTML vulnerability (Cross Site Scripting)
git-svn-id: http://piwigo.org/svn/trunk@1696 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'admin')
-rw-r--r-- | admin/user_list.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/admin/user_list.php b/admin/user_list.php index 101c4df7a..69d46e6d2 100644 --- a/admin/user_list.php +++ b/admin/user_list.php @@ -477,7 +477,7 @@ $template->assign_vars( 'U_HELP' => PHPWG_ROOT_PATH.'popuphelp.php?page=user_list', 'F_ADD_ACTION' => $base_url, - 'F_USERNAME' => @$_GET['username'], + 'F_USERNAME' => @htmlentities($_GET['username']), 'F_FILTER_ACTION' => PHPWG_ROOT_PATH.'admin.php' )); |