GOSTSec/sgminer
1
0
Fork 0
mirror of https://github.com/GOSTSec/sgminer synced 2025-02-09 21:44:25 +00:00
Code Issues Releases Wiki Activity

line 2913 added urlencode

Browse Source 
There was a cross site scripting vulnerability due to insufficient input sanitation on the $pg parameter.  This patch fixes that issue.
This commit is contained in:
ouɐɹɔs ʞɹɐɯ 2013-11-18 23:14:31 -05:00 committed by Noel Maersk
parent 93782c30ed
commit c8b97fbd8a
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
miner.php
View File

@ -2910,7 +2910,7 @@ function display()
if ($allowcustompages === true) if ($allowcustompages === true)
{ {
$pg = trim(getparam('pg', true)); $pg = urlencode(trim(getparam('pg', true)));
if ($pagesonly === true) if ($pagesonly === true)
{ {
if ($pg !== null && $pg !== '') if ($pg !== null && $pg !== '')