nsinnovations/fusionpbx
2
0
Fork 0
mirror of https://github.com/fusionpbx/fusionpbx.git synced 2026-01-06 19:53:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Escape ivr_menu_option_description to prevent XSS

Browse Source
This commit is contained in:
markjcrane
2021-07-25 09:00:53 -06:00
parent 0f34a7c732
commit ffd901b5ba
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/ivr_menus/ivr_menu_edit.php
View File

@@ -1075,7 +1075,7 @@
echo "</td>\n";
echo "<td class='formfld' align='left'>\n";
echo " <input class='formfld' style='width:100px' type='text' name='ivr_menu_options[".$x."][ivr_menu_option_description]' maxlength='255' value=\"".$field['ivr_menu_option_description']."\">\n";
echo " <input class='formfld' style='width:100px' type='text' name='ivr_menu_options[".$x."][ivr_menu_option_description]' maxlength='255' value=\"".escape($field['ivr_menu_option_description'])."\">\n";
echo "</td>\n";
if ($show_option_delete && permission_exists('ivr_menu_option_delete')) {