From 2df3b5f40347e7155c339586c0a4e559d72848b1 Mon Sep 17 00:00:00 2001
From: Dries Buytaert
Date: Thu, 14 Aug 2008 11:58:06 +0000
Subject: - Patch #285575 by jk, Bart, Damien Tournoud, et al: fixed XSS problem in default input formats.
---
 modules/filter/filter.module | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/filter/filter.module b/modules/filter/filter.module
index 210f7fc06..80555997f 100644
--- a/modules/filter/filter.module
+++ b/modules/filter/filter.module
@@ -967,7 +967,7 @@ function filter_xss($string, $allowed_tags = array('a', 'em', 'strong', 'cite',
 (
 <(?=[^a-zA-Z!/]) # a lone <
 | # or
- <[^>]*.(>|$) # a string that starts with a <, up until the > or the end of the string
+ <[^>]*(>|$) # a string that starts with a <, up until the > or the end of the string
 | # or
 > # just a >
 )%x', '_filter_xss_split', $string);
-- 
cgit v1.2.3
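Review bot: The comment on the changed alternative still reads `# a string that starts with a <, up until the > or the end of the string`, identical on the old and new side, so nothing in the pattern records the invariant this fix restores. With the removed `.` the extra character could itself be a `>`, which let one match run past the first closing bracket before being handed to `_filter_xss_split`; that appears to be the XSS problem the subject refers to. I would reword the comment to `# a tag candidate: from < up to the first > or the end of the string, never past that >` (no `%` or `'` in it, since either would end the pattern or its string literal). The diffstat shows only filter.module changed, so a regression test for the reported input would be worth adding alongside; filter_xss starts and ends outside this hunk.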