diff options
| author | jim-p <jimp@pfsense.org> | 2015-08-27 09:29:40 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2015-08-27 09:29:40 -0400 |
| commit | 5bf478ac2efecc20aa87483fe699faecee39225f (patch) | |
| tree | c0aa2838699a75ebd90fb27ace3864bc3ac77e59 | |
| parent | 05da124c0ceeaa15bbe707338fba393cbee30f87 (diff) | |
| download | pfsense-5bf478ac2efecc20aa87483fe699faecee39225f.zip pfsense-5bf478ac2efecc20aa87483fe699faecee39225f.tar.gz | |
Ensure the current RRD graph category is encoded before display
| -rw-r--r-- | usr/local/www/status_rrd_graph.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/status_rrd_graph.php b/usr/local/www/status_rrd_graph.php index e64cf72..a4aec6d 100644 --- a/usr/local/www/status_rrd_graph.php +++ b/usr/local/www/status_rrd_graph.php @@ -409,7 +409,7 @@ function get_dates($curperiod, $graph) { <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="rrd graphs"> <tr> <td> - <input type="hidden" name="cat" value="<?php echo "$curcat"; ?>" /> + <input type="hidden" name="cat" value="<?php echo htmlspecialchars($curcat); ?>" /> <?php $tab_array = array(); if($curcat == "system") { $tabactive = True; } else { $tabactive = False; } |
