Fix XSS vectors in HTML attributes (mostly t() calls)

Andy Staudacher
2009-08-31 21:51:57 -07:00
parent 8c3a2db380
commit 2bc73e2e36
24 changed files with 63 additions and 63 deletions


@@ -122,7 +122,7 @@
<a href="<?= $item->url() ?>">
<? if ($item->has_thumb()): ?>
<img src="<?= $item->thumb_url() ?>"
alt="<?= html::purify($item->title) ?>"
alt="<?= html::purify($item->title)->for_html_attr() ?>"
<?= photo::img_dimensions($item->thumb_width, $item->thumb_height, 75) ?>
/>
<? else: ?>
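Review bot: The `href` and `src` attributes on the two lines above the fixed `alt` still echo `$item->url()` and `$item->thumb_url()` with no attribute encoding, so only one of the three attributes in this tag pair is covered. Whether those URLs can carry a quote character from a user-supplied item name is not visible here, so please confirm that they are already encoded at the source. If they return raw strings, encode them at output, for example `<a href="<?= htmlspecialchars($item->url(), ENT_QUOTES) ?>">`, and do the same for `thumb_url()`. Separately, `purify()` keeps permitted markup, which `for_html_attr()` will then show as literal tags in the alt text; plain escaping of the title may suit an attribute better. The surrounding template block starts and ends outside this hunk.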