blob: ee22df7b2cd1ea1fcbefbf834a7c4ac40b9597ef (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
$NetBSD: patch-ap,v 1.4 2022/04/02 13:23:08 mef Exp $
Set &html_escape for safety
--- webminlog/search.cgi.orig 2022-03-03 13:10:55.000000000 +0900
+++ webminlog/search.cgi 2022-04-02 20:58:04.828924454 +0900
@@ -180,7 +180,8 @@ elsif (@match) {
# Show search results in table
if ($in{'sid'}) {
print "<b data-search-action='sid'>",&text('search_sid', "<tt>$match[0]->{'user'}</tt>",
- "<tt>$in{'sid'}</tt>")," ..</b><p>\n";
+ "<tt>" . &html_escape($in{'sid'}) . "</tt>"),
+ " ..</b><p>\n";
}
elsif ($in{'uall'} == 1 && $in{'mall'} && $in{'tall'}) {
print "<b data-search-action='critall'>$text{'search_critall'} ..</b><p>\n";
|
