4images Help / Hilfe > Bug Fixes & Patches

[1.7 - 1.7.7] Security fix for XSS vulnerability in includes/functions.php

(1/5) > >>

kai:
A cross site scripting vulnerability in 4images 1.7 - 1.7.7 has been found.

To fix this:

In includes/functions.php

find

return $url;

and replace it by

return htmlspecialchars($url);


The download package of 4images 1.7.7 has been updated (15.06.2009)

sanko86:
thank you.

Sunny C.:
Danke,
hab es auch mal in meiner Liste mit aufgenommen!
http://www.4homepages.de/forum/index.php?topic=24888.0

Jan-Lukas:
Danke,

LG Harald

nobby:
aktualisiert  :wink:

Navigation

[0] Message Index

[#] Next page

Go to full version