cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
openbsd-ports/www/phpldapadmin/patches/patch-rename_form_php
aanriot ba90ce353a Security fixes against multiple cross-site scripting (XSS) 
vulnerabilities in phpldapadmin.

CVE-2006-2016;
from Debian GNU/Linux;
ok mbalmer@, "no objection" sturm@
2006-05-21 19:15:08 +00:00

13 lines
703 B
Plaintext
Raw Blame History

$OpenBSD: patch-rename_form_php,v 1.1 2006/05/21 19:15:08 aanriot Exp $
--- rename_form.php.orig Sun May 21 13:30:59 2006
+++ rename_form.php Sun May 21 13:31:17 2006
@@ -36,7 +36,7 @@ include './header.php'; ?>
<center>
<form action="rename.php" method="post" class="edit_dn" />
<input type="hidden" name="server_id" value="<?php echo $ldapserver->server_id; ?>" />
-<input type="hidden" name="dn" value="<?php echo $dn; ?>" />
+<input type="hidden" name="dn" value="<?php echo htmlspecialchars($dn); ?>" />
<input type="text" name="new_rdn" size="30" value="<?php echo htmlspecialchars( ( $rdn ) ); ?>" />
<input class="update_dn" type="submit" value="<?php echo $lang['rename']; ?>" />
</form>
Reference in New Issue View Git Blame Copy Permalink