tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

2012-11-08 Sancho Lerena <slerena@artica.es> 

* include/functions_config.php: Fixed a XSS in login :-O. Thanks
        to gobejishvili for reporting.




git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@7140 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
slerena 2012-11-08 15:09:24 +00:00
parent 3973c62408
commit e452ca8ac6
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
pandora_console/ChangeLog
View File

@ -1,3 +1,8 @@
2012-11-08 Sancho Lerena <slerena@artica.es>
* include/functions_config.php: Fixed a XSS in login :-O. Thanks
to gobejishvili for reporting.
2012-11-08 Miguel de Dios <miguel.dedios@artica.es>
* operation/events/events.php, include/functions_tags.php: cleaned

2
pandora_console/include/functions_config.php
View File

@ -672,7 +672,7 @@ function config_process_config () {
if (isset($config['id_user']))
$relative_path = enterprise_hook('skins_set_image_skin_path',array($config['id_user']));
else
$relative_path = enterprise_hook('skins_set_image_skin_path',array($_POST['nick']));
$relative_path = enterprise_hook('skins_set_image_skin_path',array(get_parameter('nick')));
$config['relative_path'] = $relative_path;
}
}