mirrors/rss-bridge
1
0
Fork 0
mirror of https://github.com/RSS-Bridge/rss-bridge.git synced 2024-11-23 01:55:27 +03:00
Code Issues Projects Releases Packages Wiki Activity

[core] Fixed passive XSS vulnerability

Browse source 
Reference: https://www.openbugbounty.org/reports/1140367/
This commit is contained in:
Eugene Molotov 2020-10-26 15:07:20 +05:00
parent 164b407f28
commit 93cdf5e342
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
lib/BridgeList.php
View file

@ -129,7 +129,7 @@ EOD;
* @return string The searchbar
*/
private static function getSearchbar() {
$query = filter_input(INPUT_GET, 'q');
$query = filter_input(INPUT_GET, 'q', FILTER_SANITIZE_SPECIAL_CHARS);
return <<<EOD
<section class="searchbar">