gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-02-11 09:35:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

run passed parameter 'action' through htmlspecialchars() before output

Browse Source
This commit is contained in:
Uwe Steinmann 2018-06-27 18:56:01 +02:00
parent 92c0c4c611
commit 3eebc6bc28
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
inc/inc.ClassViewCommon.php
View File

@ -47,7 +47,7 @@ class SeedDMS_View_Common {
if(method_exists($this, $get['action'])) {
$this->{$get['action']}();
} else {
echo "Missing action '".$get['action']."'";
echo "Missing action '".htmlspecialchars($get['action'])."'";
}
} else
$this->show();