Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Fix Stored XSS via filename when upload file
  • Loading branch information
noobpk committed Nov 16, 2021
1 parent 22a6daa commit 9552c55
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/domain/projects/templates/showProject.tpl.php
Expand Up @@ -101,7 +101,7 @@
<?php else: ?>
<img style='max-height: 50px; max-width: 70px;' src='<?=BASE_URL ?>/images/thumbs/doc.png' />
<?php endif; ?>
<span class="filename"><?php echo $file['realName'] ?></span>
<span class="filename"><?php $this->e($file['realName']) ?></span>

</a>

Expand Down

0 comments on commit 9552c55

Please sign in to comment.