[PATCH] Fix XSS inside API error response
Export this patch
---
next.php | 2 +-
previous.php | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/next.php b/next.php
index 27e1144..729f07c 100755
--- a/next.php
+++ b/next.php
@@ -24,7 +24,7 @@
// URL not found
if ($index == -1) {
header("HTTP/1.1 404 Not Found");
- echo "Can't find member '" . $origin . "' inside web ring";
+ echo "Can't find member '" . htmlspecialchars($origin) . "' inside web ring";
exit;
}
diff --git a/previous.php b/previous.php
index 5207ca1..44a9917 100755
--- a/previous.php
+++ b/previous.php
@@ -25,7 +25,7 @@
// URL not found
if ($index == -1) {
header("HTTP/1.1 404 Not Found");
- echo "Can't find member '" . $origin . "' inside web ring";
+ echo "Can't find member '" . htmlspecialchars($origin) . "' inside web ring";
exit;
}
--
2.30.2