diff options
| author | Ermal <eri@pfsense.org> | 2014-02-18 11:28:53 +0000 |
|---|---|---|
| committer | Ermal <eri@pfsense.org> | 2014-02-18 11:28:53 +0000 |
| commit | 248b0124e423b268d698d1e7246ea36df75a34e7 (patch) | |
| tree | 20af1f32f23245d80968001b648206f7b7544e5e /etc | |
| parent | b6584d176b18fbe4ee76d5a7e216c5b7702d49f0 (diff) | |
| download | pfsense-248b0124e423b268d698d1e7246ea36df75a34e7.zip pfsense-248b0124e423b268d698d1e7246ea36df75a34e7.tar.gz | |
Ticket #3461. Protect output to browser by using htmlspecialchars.
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/pkg-utils.inc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/etc/inc/pkg-utils.inc b/etc/inc/pkg-utils.inc index d5f3303..924f223 100644 --- a/etc/inc/pkg-utils.inc +++ b/etc/inc/pkg-utils.inc @@ -57,7 +57,7 @@ if(!function_exists("update_status")) { } if(!function_exists("update_output_window")) { function update_output_window($status) { - echo $status . "\n"; + echo htmlspecialchars($status) . "\n"; } } |
