tonyair
/
silverstripe-blog
mirror of https://github.com/silverstripe/silverstripe-blog
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

BUGFIX Fixed XSS vulnerability in BlogTree? when filtering by tags

This commit is contained in:
Saophalkun Ponlu 2010-10-03 21:44:57 +00:00
parent 0b8e5d46fc
commit 4971fb4730
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
code/BlogTree.php
View File

@ -297,7 +297,7 @@ class BlogTree_Controller extends Page_Controller {
* @return String
*/
function SelectedTag() {
return ($this->request->latestParam('Action') == 'tag') ? $this->request->latestParam('ID') : '';
return ($this->request->latestParam('Action') == 'tag') ? Convert::raw2xml($this->request->latestParam('ID')) : '';
}
/**