composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-05-20 15:52:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Protect Bulk Modify against XSS injection!

Browse Source 
SVN:trunk[3117]
This commit is contained in:
Denis Flaven
2014-04-01 10:12:11 +00:00
parent ce9806b01c
commit caef02720c
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
application/cmdbabstract.class.inc.php
View File

@@ -3284,12 +3284,12 @@ EOF
{
foreach($value as $vKey => $vValue)
{
$oP->add("<input type=\"hidden\" name=\"{$sKey}[$vKey]\" value=\"$vValue\">\n");
$oP->add("<input type=\"hidden\" name=\"{$sKey}[$vKey]\" value=\"".htmlentities($vValue, ENT_QUOTES, 'UTF-8')."\">\n");
}
}
else
{
$oP->add("<input type=\"hidden\" name=\"$sKey\" value=\"$value\">\n");
$oP->add("<input type=\"hidden\" name=\"$sKey\" value=\"".htmlentities($value, ENT_QUOTES, 'UTF-8')."\">\n");
}
}
}