author | Steven Wittens <steven@10.no-reply.drupal.org> | 2006-03-13 21:42:35 +0000 |
---|---|---|
committer | Steven Wittens <steven@10.no-reply.drupal.org> | 2006-03-13 21:42:35 +0000 |
commit | 16fd8c89a59f7851626eb939d33a50703a07ba2b (patch) | |
tree | 52fa8b2ecb6e96378bebf0dc2a3e2d24723896eb /themes | |
parent | 2fb572d0026b8b5bf88f744abbc27b3429f0493b (diff) | |
- sa-2006-002: XSS issues with username log and mission
Diffstat (limited to 'themes')
-rw-r--r-- | themes/engines/phptemplate/phptemplate.engine | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/themes/engines/phptemplate/phptemplate.engine b/themes/engines/phptemplate/phptemplate.engine
index 3c7c7f89b..ebc18e9cd 100644
--- a/themes/engines/phptemplate/phptemplate.engine
+++ b/themes/engines/phptemplate/phptemplate.engine
@@ -143,7 +143,7 @@ function phptemplate_page($content) {
 /* Set title and breadcrumb to declared values */
 if (drupal_get_path_alias($_GET['q']) == variable_get('site_frontpage', 'node')) {
- $mission = theme_get_setting('mission');
+ $mission = filter_xss(theme_get_setting('mission'));
 }
 /* Add favicon */ |
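Review bot: The `filter_xss()` call on the added line relies on the function's default allowed-tags list, which is a short set of inline and list tags, so block or media markup such as `<p>` or `<img>` in an existing mission statement would be stripped without notice on the front page; if that is not intended, pass an explicit allowed-tags array as the second argument. The filtering is also done here in the phptemplate engine rather than where the setting is read, so any other theme or engine that prints `theme_get_setting('mission')` needs the same call. The diffstat is limited to 'themes', so whether those other callers were covered cannot be seen from this page. A short comment above the line would record the intent, for example `/* Mission is stored HTML from the site settings; filter on output so it cannot inject script. */`. The body of phptemplate_page() starts and ends outside the hunk.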