Minor xss reported by Aung Khant

2011-06-10 21:38:43 +02:00
parent 2d56821c0f
commit bbccc36817
1 changed files with 1 additions and 1 deletions
--- a/enum_editor.php
+++ b/enum_editor.php
@@ -58,7 +58,7 @@ require_once './libraries/header_meta_style.inc.php';
               </a>
            </p>
             <input type="hidden" name="token" value="<?php echo $_GET['token']; ?>" />
-             <input type="hidden" name="field" value="<?php echo $_GET['field']; ?>" />
+             <input type="hidden" name="field" value="<?php echo htmlspecialchars($_GET['field']); ?>" />
             <input type="hidden" name="num_fields" value="<?php echo $total_fields; ?>" />
             <input type="submit" value="<?php echo __('Go'); ?>" />
        </form>