From da8017e067c46c2cffcc5e37a9791ef96ee20d89 Mon Sep 17 00:00:00 2001
From: Majesty <32709570+majestyotbr@users.noreply.github.com>
Date: Fri, 13 Sep 2024 12:36:52 -0300
Subject: [PATCH] fix: XSS in forum (#122)
---
 system/pages/forum/new_post.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/system/pages/forum/new_post.php b/system/pages/forum/new_post.php
index 3a8431be7..b45acff04 100644
--- a/system/pages/forum/new_post.php
+++ b/system/pages/forum/new_post.php
@@ -22,7 +22,7 @@
 $thread = $db->query("SELECT `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `" . FORUM_TABLE_PREFIX . "forum`.`id` = " . $thread_id . " AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = " . $thread_id . " LIMIT 1")->fetch();
 if (isset($thread['id']) && Forum::hasAccess($thread['section'])) {
- echo '
Community Boards | ' . $sections[$thread['section']]['name'] . ' | ' . $thread['post_topic'] . ' | Post New Reply

';
+ echo '
Community Boards | ' . $sections[$thread['section']]['name'] . ' | ' . htmlspecialchars($thread['post_topic']) . ' | Post New Reply

';
 $quote = (int)$_REQUEST['quote'] ?? NULL;
 $text = isset($_REQUEST['text']) ? stripslashes(trim($_REQUEST['text'])) : NULL;
 $char_id = (int)$_REQUEST['char_id'] ?? 0;
@@ -95,7 +95,7 @@
 'post_text' => $text,
 'post_smile' => $smile > 0,
 'post_html' => $html > 0,
- 'topic' => $thread['post_topic'],
+ 'topic' => htmlspecialchars($thread['post_topic']),
 'threads' => $threads,
 'canEdit' => $canEdit
 ));
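Review bot: The added `htmlspecialchars($thread['post_topic'])` in the breadcrumb echo relies on the default flags, and `$sections[$thread['section']]['name']` is still concatenated into the same output unescaped. Before PHP 8.1 the default is `ENT_COMPAT`, which leaves single quotes alone, so the encoding depends on the runtime; I would write `htmlspecialchars($thread['post_topic'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. The section name should be wrapped the same way unless section names are guaranteed to be trusted markup, which this hunk does not show. The enclosing `if` block continues past the end of the hunk.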
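Review bot: Escaping `topic` at the call site while `'post_text' => $text` goes into the same array raw splits the encoding decision between this file and the template, which is not visible here. `$text` comes from `$_REQUEST['text']` in the first hunk's context lines with only `stripslashes(trim())` applied, so if the template prints it without escaping, the same class of issue remains for the reply body. Conversely, if the template auto-escapes, the new `htmlspecialchars()` call will double-encode the topic. Either escape every user-supplied value in the template, or keep the call here and add a comment such as `// topic is pre-escaped: the template prints it raw`. The array literal starts before the hunk.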