fix XSS in editor/extensions/fileopen.php
reported by Lukas Reschke <lukas@statuscode.ch> git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2080 eee81c28-f429-11dd-99c0-75d572ba1dddmaster
parent
3a0cfe1ce0
commit
519859eaf8
|
@ -27,5 +27,5 @@
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
<script>
|
<script>
|
||||||
window.top.window.svgEditor.processFile("<?php echo $prefix . base64_encode($output); ?>", "<?php echo $type ?>");
|
window.top.window.svgEditor.processFile("<?php echo $prefix . base64_encode($output); ?>", "<?php echo htmlentities($type); ?>");
|
||||||
</script>
|
</script>
|
Loading…
Reference in New Issue