tonyair/silverstripe-blog
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-blog synced 2024-10-22 11:05:58 +02:00
Code Issues Projects Releases Wiki Activity

BUGFIX Fixed XSS vulnerability in BlogTree when filtering by tags

Browse Source
This commit is contained in:
Ingo Schommer 2010-10-03 20:02:43 +00:00
parent 92c09ee62f
commit 3593f03f7e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
code/BlogTree.php
View File

@ -298,7 +298,7 @@ class BlogTree_Controller extends Page_Controller {
* @return String
*/
function SelectedTag() {
return ($this->request->latestParam('Action') == 'tag') ? $this->request->latestParam('ID') : '';
return ($this->request->latestParam('Action') == 'tag') ? Convert::raw2xml($this->request->latestParam('ID')) : '';
}
/**