chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Security: Remove possible XSS when showing file name selected

Browse Source
pull/4973/merge
Angel Fernando Quiroz Campos 2 years ago
parent 78d9462b1f
commit a63e03ef96
1 changed files with 1 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      main/inc/lib/pear/HTML/QuickForm/file.php

2
main/inc/lib/pear/HTML/QuickForm/file.php
Unescape View File

@ -460,7 +460,7 @@ class HTML_QuickForm_file extends HTML_QuickForm_input
if (this.files[0]) {
fileName = this.files[0].name;
}
the_return.innerHTML = fileName;
the_return.textContent = fileName;
});
</script>
';

Write Preview
Loading…
Cancel
Save