diff options
author | Lukas Fleischer <archlinux@cryptocrack.de> | 2011-03-30 17:07:27 +0200 |
---|---|---|
committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2011-03-30 17:07:27 +0200 |
commit | 0a625ae8ff737f471ee4e29853ba57db20352b1a (patch) | |
tree | 188133120c72e3cbfb91788bd30147c383ce9b0d | |
parent | 746c2b72b541865431d88af7a99df29c472a297c (diff) |
Fix XSS vulnerability in "web/template/header.php".
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-rw-r--r-- | web/template/header.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/web/template/header.php b/web/template/header.php index 4939b57..0f0e362 100644 --- a/web/template/header.php +++ b/web/template/header.php @@ -51,8 +51,8 @@ reset($SUPPORTED_LANGS); foreach ($SUPPORTED_LANGS as $lang => $lang_name) { print '<a href="' - . $_SERVER["PHP_SELF"]."?setlang=$lang\"" - . " title=\"$lang_name\">" + . htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES) + ."?setlang=$lang\" title=\"$lang_name\">" . strtolower($lang) . "</a>\n"; } ?> |