mirror of
https://github.com/Piwigo/Piwigo.git
synced 2026-07-05 01:12:29 +02:00
fixes #1055 prevents XSS on original resize fields
This commit is contained in:
@@ -250,7 +250,7 @@ else
|
||||
$template->append(
|
||||
'sizes',
|
||||
array(
|
||||
$field => $_POST[$field]
|
||||
$field => strip_tags($_POST[$field]) // strip_tags prevents from XSS attempt
|
||||
),
|
||||
true
|
||||
);
|
||||
|
||||
Reference in New Issue
Block a user