Fixing a scrut issue for xss

2024-10-07 16:52:45 +00:00 · 2015-03-27 16:59:58 +00:00
parent 79ae1acffa
commit f7a4fc68eb
1 changed files with 1 additions and 2 deletions
--- a/html/pages/eventlog.inc.php
+++ b/html/pages/eventlog.inc.php
@@ -63,8 +63,7 @@ var grid = $("#eventlog").bootgrid({
    {
        return {
            id: "eventlog",
-            string: '<?php echo $_POST['string']; ?>',
-            device: '<?php echo $_POST['device']; ?>'
+            device: '<?php echo htmlspecialchars($_POST['device']); ?>'
        };
    },
    url: "/ajax_table.php"