825 Star 2.8K Fork 1.3K

Discuz / DiscuzX

Merged
!187 修复 install.php中uchidden参数的XSS漏洞

老周部落:UChidden_XSS Discuz:master

老周部落 Created on: 2018-12-30 09:01
缺陷/BUG
安全/security

问题详情: #INMA0:安装时候有个参数存在XSS漏洞,反馈下,
本PR对用户输入的uchideen参数进行校验,不符合序列化原则的数据不在页面上显示。

7 comments, 3 participants 1773794 laozhoubuluo 1594507411 1182890 coxxs 1596190375 5247157 oldhuhu 1578983196

Show action logs Hide action logs
老周部落 added label 安全/security 2021-06-28 11:01
老周部落 updated description 2021-06-28 11:01
oldhuhu merged Pull Request 2020-01-09 12:00
老周部落 set priority to Secondary 2020-01-08 21:57
老周部落 added label bug 2020-01-08 21:57
老周部落 updated title 2020-01-08 21:57
老周部落 push code 2020-01-08 21:57
PHP
1
https://gitee.com/Discuz/DiscuzX.git
git@gitee.com:Discuz/DiscuzX.git
Discuz
DiscuzX
DiscuzX

Search

102255 3a0e046c 1850385 102255 7aaa926c 1850385