MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: [discussions] Fix to a potential black-hole inducing issue 

- this totally won't do anything
pull/4861/head
iglocska 2019-07-08 13:28:26 +02:00
parent b45b55e854
commit 80bfe9463d
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
app/View/Elements/eventdiscussion.ctp
View File

@ -134,6 +134,7 @@
<?php
if (isset($currentEvent)) $url = '/posts/add/event/' . $currentEvent;
else $url = '/posts/add/thread/' . $thread['Thread']['id'];
$url = h($url);
echo $this->Form->create('Post', array('url' => $url));
?>
<fieldset>
@ -153,7 +154,7 @@
));
?>
</fieldset>
<button class="btn btn-primary" onClick="submitMessageForm('<?php echo h($url);?>', 'PostViewForm', 'top'); return false;"><?php echo __('Send');?></button>
<button class="btn btn-primary" onClick="submitMessageForm('<?php echo $url;?>', 'PostViewForm', 'top'); return false;"><?php echo __('Send');?></button>
<?php
echo $this->Form->end();
?>