FbIN/htmly
1
0
Fork 0
mirror of https://github.com/danpros/htmly.git synced 2026-04-19 20:16:22 +05:30
Code Issues Projects Releases Packages Wiki Activity

CVE-2019-8349 XSS vulnerabilities fix

Browse source
This commit is contained in:
danpros 2020-05-06 13:06:59 +07:00
commit ec1cf1d303
19 changed files with 31 additions and 190 deletions
Download patch file Download diff file Expand all files Collapse all files

2
themes/blog/layout.html.php
View file

@ -26,7 +26,7 @@
</head>
<?php
if (isset($_GET['search'])) {
$search = $_GET['search'];
$search = _h($_GET['search']);
$url = site_url() . 'search/' . remove_accent($search);
header("Location: $url");
}