[FIXED for 7.4.1] [7.4] html security bug custom member title

Print Thread

Hop To

[FIXED for 7.4.1] [7.4] html security bug custom member title #218448 10/27/2008 8:34 AM
Joined: Aug 2006 Posts: 1,358 Utrecht, NL Y Yarp Veteran
Yarp Veteran Y Joined: Aug 2006 Posts: 1,358 Utrecht, NL	/admin/changeuser.php Line 66: PHP Code $usertitle = get_input("usertitle","post"); Line 109-111 PHP Code if (preg_match("/Moderator/",$user['USER_MEMBERSHIP_LEVEL'])) { $user_title = preg_replace("<","<",$user_title); } // end if $usertitle vs $user_title. There's no html cleanup done that is supposed to happen if you're a moderator.

Link Copied to Clipboard

UBB.threads PHP Forum Software Community Forums UBB.threads 7 Bug Reports Fixed Bugs [FIXED for 7.4.1] [7.4] html security bug custom member title