Skip to content

Commit

Permalink
sec(Users) XSS in name
Browse files Browse the repository at this point in the history
  • Loading branch information
@joebordes
joebordes committed Dec 4, 2021
1 parent a7d0185 commit 1dd4612
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion modules/Vtiger/header.php
View file
Expand Up @@ -24,7 +24,7 @@
$smarty->assign('HEADERS', $header_array);
$smarty->assign('THEME', $theme);
$smarty->assign('IMAGEPATH', $image_path);
$smarty->assign('USER', $userName);
$smarty->assign('USER', trim(gtltTagsToHTML($userName)));
$smarty->assign('CSRFNAME', $GLOBALS['csrf']['input-name']);

$qc_modules = getQuickCreateModules();
Expand Down

0 comments on commit 1dd4612

Please sign in to comment.