Minor - Add security remove_xss

7 years ago · 97d0ca8a05
parent a0c34c5d96
commit 97d0ca8a05
1 changed files with 1 additions and 1 deletions
--- a/main/forum/viewthread.php
+++ b/main/forum/viewthread.php
@ -634,7 +634,7 @@ foreach ($posts as $post) {
        'Aw:',
    ];
    $replace = '<span>'.Display::returnFontAwesomeIcon('mail-reply').'</span>';
-    $post['post_title'] = str_replace($search, $replace, $post['post_title']);
+    $post['post_title'] = str_replace($search, $replace, Security::remove_XSS($post['post_title']));

    // The post title
    $titlePost = Display::tag('h3', $post['post_title'], ['class' => 'forum_post_title']);