Peter M. Groen / knowledgetree

Commit e1969b1ed06414e0c9f0823d263881fd1cc37f4f

Authored by Conrad Vermeulen
1 parent dd693198

KTS-2178 

"cross site scripting"
Implemented.

Reviewed By: Kevin Fourie

git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6984 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 1 changed file with 1 additions and 1 deletions
templates/kt3/browse.smarty
  View file @e1969b1
... ... @@ -44,7 +44,7 @@
44 44 <input type="hidden" name="sListCode" value="{$code}" />
45 45 <input type="hidden" name="action" value="bulkaction" />
46 46 <input type="hidden" name="fReturnAction" value="{$returnaction}" />
47   - <input type="hidden" name="fReturnData" value="{$returndata}" />
  47 + <input type="hidden" name="fReturnData" value="{$returndata|sanitize}" />
48 48  
49 49 {foreach from=$bulkactions item=bulkaction}
50 50 <input type="submit" name="submit[{$bulkaction->getName()}]" value="{$bulkaction->getDisplayName()}" />
... ...