GOSTSec
/
sgminer
mirror of https://github.com/GOSTSec/sgminer
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

line 2913 added urlencode 

There was a cross site scripting vulnerability due to insufficient input sanitation on the $pg parameter.  This patch fixes that issue.
nfactor-troky
ouɐɹɔs ʞɹɐɯ 11 years ago committed by Noel Maersk
parent
93782c30ed
commit
c8b97fbd8a
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      miner.php

2
miner.php
Unescape View File

@ -2910,7 +2910,7 @@ function display() @@ -2910,7 +2910,7 @@ function display()
if ($allowcustompages === true)
{
$pg = trim(getparam('pg', true));
$pg = urlencode(trim(getparam('pg', true)));
if ($pagesonly === true)
{
if ($pg !== null && $pg !== '')

Write Preview
Loading…
Cancel
Save