diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2010-11-09 11:38:27 -0500 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2010-11-09 11:38:27 -0500 |
commit | 034f08e7dd102c09e60184220927e6c5cba9f10c (patch) | |
tree | fc31493bc38958074835e3e344302084e1d652f4 /usr/local/www/status_rrd_graph.php | |
parent | fea098864053dada6741b99444f10d4406ddeee6 (diff) | |
download | pfsense-034f08e7dd102c09e60184220927e6c5cba9f10c.zip pfsense-034f08e7dd102c09e60184220927e6c5cba9f10c.tar.gz |
Fix Misc XSS issues
Diffstat (limited to 'usr/local/www/status_rrd_graph.php')
-rwxr-xr-x | usr/local/www/status_rrd_graph.php | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/usr/local/www/status_rrd_graph.php b/usr/local/www/status_rrd_graph.php index b4f6911..48f5734 100755 --- a/usr/local/www/status_rrd_graph.php +++ b/usr/local/www/status_rrd_graph.php @@ -54,7 +54,7 @@ $databases = glob("*.rrd"); if ($_GET['cat']) { - $curcat = $_GET['cat']; + $curcat = htmlspecialchars($_GET['cat']); } else { if(! empty($config['rrd']['category'])) { $curcat = $config['rrd']['category']; @@ -281,7 +281,6 @@ function get_dates($curperiod, $graph) { return $dates; } - ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> |