Private GIT

Skip to content
Snippets Groups Projects
Unverified Commit 5c8b3252 authored by Gary Allan's avatar Gary Allan
Browse files

Bugfix: Reflected XSS /app/tools/subnet-masks/popup.php

Fixes #3738
parent c4510854
No related branches found
No related tags found
No related merge requests found
...@@ -37,6 +37,6 @@ $_POST = $User->strip_input_tags ($_POST); ...@@ -37,6 +37,6 @@ $_POST = $User->strip_input_tags ($_POST);
<!-- footer --> <!-- footer -->
<div class="pFooter"> <div class="pFooter">
<div class="btn-group"> <div class="btn-group">
<button class="btn btn-sm btn-default <?php print @$_REQUEST['closeClass']; ?>"><?php print _('Close'); ?></button> <button class="btn btn-sm btn-default <?php escape_input(print @$_REQUEST['closeClass']); ?>"><?php print _('Close'); ?></button>
</div> </div>
</div> </div>
...@@ -8,6 +8,7 @@ ...@@ -8,6 +8,7 @@
---------------------------- ----------------------------
+ XSS (reflected) in 'bw-calulator-result.php'; + XSS (reflected) in 'bw-calulator-result.php';
+ XSS (reflected) by invalid email address response; + XSS (reflected) by invalid email address response;
+ XSS (reflected) by /app/tools/subnet-masks/popup.php (#3738);
+ XSS and LDAP injection in ad-search-result.php; + XSS and LDAP injection in ad-search-result.php;
+ XSS and LDAP injection in ad-search-group-result.php; + XSS and LDAP injection in ad-search-group-result.php;
+ Restrict find_full_subnets.php to CLI; + Restrict find_full_subnets.php to CLI;
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment