|
|
|
|
- Readme First! - Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 260 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
| The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
No Comments Allowed for Anonymous, please register | | | | |
Re: (Score: 0) by Anonymous on Tuesday, February 04 @ 05:40:48 CET | Note: A more elegant fix would be better. Standard variable input validation used throughout the core code would cut down drastically on these XSS exploits. What I posted above was just the quickest thing I could get up to my site to remove the vulnerability.
If I knew regex's better I'd just match against a valid image file name [else unset($user_avatar)]. Shouldn't be tough. |
| Parent- Re: by Zhen-Xjell on Tuesday, February 04 @ 05:46:36 CET
- Re: by sixonetonoffun on Tuesday, February 04 @ 09:49:58 CET
- Re: by Zhen-Xjell on Tuesday, February 04 @ 14:33:00 CET
- Re: by sixonetonoffun on Tuesday, February 04 @ 21:26:49 CET
| | | | | |
|