4images Help / Hilfe > Bug Fixes & Patches
[1.7 - 1.7.7] Security fix for XSS vulnerability in includes/functions.php
kai:
A cross site scripting vulnerability in 4images 1.7 - 1.7.7 has been found.
To fix this:
In includes/functions.php
find
return $url;
and replace it by
return htmlspecialchars($url);
The download package of 4images 1.7.7 has been updated (15.06.2009)
sanko86:
thank you.
Sunny C.:
Danke,
hab es auch mal in meiner Liste mit aufgenommen!
http://www.4homepages.de/forum/index.php?topic=24888.0
Jan-Lukas:
Danke,
LG Harald
nobby:
aktualisiert :wink:
Navigation
[0] Message Index
[#] Next page
Go to full version