Closed (won't fix)
Project:
Rubik
Version:
7.x-4.x-dev
Component:
Code
Priority:
Critical
Category:
Bug report
Assigned:
Unassigned
Reporter:
Created:
18 Mar 2013 at 17:06 UTC
Updated:
19 Aug 2013 at 08:54 UTC
Jump to comment: Most recent file
Comments
Comment #1
jmmarquez commentedSecurity bugs found. Must use check_plain() and filter_xss() to solve the problem.
Comment #2
nesta_ commentedThnx!
Fix :)
Comment #3
nesta_ commentedComment #4
nesta_ commentedComment #5
haydeniv commentedThis is not an XSS vulnerability because it is not accepting any user input and l() does it's own escaping.