349162ea13
This filters out potentially malicious javascript: or data: uri's coming through to be attached to attachments. Added tests to cover. Thanks to Yassine ABOUKIR (@yassineaboukir on twitter) for reporting this vulnerability. |
||
---|---|---|
.. | ||
activities.php | ||
auth.php | ||
common.php | ||
components.php | ||
entities.php | ||
errors.php | ||
pagination.php | ||
passwords.php | ||
settings.php | ||
validation.php |