Commit a489481c3341ac30fdad711f20d0fde4ddf4ed88
1 parent
f81e76f5
KTS-2178
"cross site scripting" Updated. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6937 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
1 additions
and
1 deletions
templates/ktcore/forms/widgets/text.smarty
| @@ -2,4 +2,4 @@ | @@ -2,4 +2,4 @@ | ||
| 2 | {if $has_id} id="{$id}"{/if} | 2 | {if $has_id} id="{$id}"{/if} |
| 3 | {if $options.rows} rows="{$options.rows}"{else} rows="7"{/if} | 3 | {if $options.rows} rows="{$options.rows}"{else} rows="7"{/if} |
| 4 | {if $options.cols} cols="{$options.cols}"{else} cols="45"{/if} | 4 | {if $options.cols} cols="{$options.cols}"{else} cols="45"{/if} |
| 5 | - >{if $has_value}{$value}{/if}</textarea> | 5 | + >{if $has_value}{$value|sanitize_input}{/if}</textarea> |