Commit 3efee179 authored by chandi's avatar chandi Committed by Matthias Larisch

fix potential stored XSS in LoginXhr::joinValidate()

parent bedf5246
......@@ -206,7 +206,7 @@ class LoginXhr extends Control
$data['country'] = strip_tags($data['country'] ?? null);
$data['country'] = strtolower($data['country']);
$data['country'] = trim($data['country']);
$data['nr'] = $data['nr'] ?? null;
$data['nr'] = htmlspecialchars($data['nr']) ?? null;
$data['newsletter'] = (int)$data['newsletter'];
if (!in_array($data['newsletter'], array(0, 1), true)) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment