diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2010-11-12 11:36:13 -0500 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2010-11-12 11:36:20 -0500 |
| commit | dd5bf424c155922b065b45e64733bdf8de620c0f (patch) | |
| tree | 1b22756ce120544141edc9d3f2159037b955c2bc /usr/local/www/diag_authentication.php | |
| parent | 4656943e59eb19a534c06cc253e266da6c52e915 (diff) | |
| download | pfsense-dd5bf424c155922b065b45e64733bdf8de620c0f.zip pfsense-dd5bf424c155922b065b45e64733bdf8de620c0f.tar.gz | |
Fix XSS issues
Diffstat (limited to 'usr/local/www/diag_authentication.php')
| -rwxr-xr-x | usr/local/www/diag_authentication.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/usr/local/www/diag_authentication.php b/usr/local/www/diag_authentication.php index 19c0d69..a8f897c 100755 --- a/usr/local/www/diag_authentication.php +++ b/usr/local/www/diag_authentication.php @@ -105,13 +105,13 @@ include("head.inc"); <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Username"); ?></td> <td width="78%" class="vtable"> - <input class="formfld unknown" size='20' id='username' name='username' value='<?=$pconfig['username'];?>' /> + <input class="formfld unknown" size='20' id='username' name='username' value='<?=htmlspecialchars($pconfig['username']);?>' /> </td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Password"); ?></td> <td width="78%" class="vtable"> - <input class="formfld pwd" type='password' size='20' id='password' name='password' value='<?=$pconfig['password'];?>' /> + <input class="formfld pwd" type='password' size='20' id='password' name='password' value='<?=htmlspecialchars($pconfig['password']);?>' /> </td> </tr> <tr> |
