Fixed a XSS with the email address
This commit is contained in:
parent
12beea299b
commit
a5744c30f7
1 changed files with 1 additions and 1 deletions
|
@ -31,7 +31,7 @@ h1 {font-size:1.9em;text-align:center;}
|
||||||
<? if($_REQUEST['noauto'] == 1) { ?><input type="hidden" name="noauto" value="1"><? } ?>
|
<? if($_REQUEST['noauto'] == 1) { ?><input type="hidden" name="noauto" value="1"><? } ?>
|
||||||
<h1><?=_("Login")?></h1>
|
<h1><?=_("Login")?></h1>
|
||||||
<p class='smalltext'><?=_("Warning! This site requires cookies to be enabled to ensure your privacy and security. This site uses session cookies to store temporary values to prevent people from copying and pasting the session ID to someone else exposing their account, personal details and identity theft as a result.")?></p>
|
<p class='smalltext'><?=_("Warning! This site requires cookies to be enabled to ensure your privacy and security. This site uses session cookies to store temporary values to prevent people from copying and pasting the session ID to someone else exposing their account, personal details and identity theft as a result.")?></p>
|
||||||
<label for="email"><?=_("Email Address")?>:</label><input type='text' name="email" value="<?=strip_tags($_REQUEST['email'])?>" /><br />
|
<label for="email"><?=_("Email Address")?>:</label><input type='text' name="email" value="<?=htmlspecialchars(strip_tags($_REQUEST['email']))?>" /><br />
|
||||||
<label for="pword"><?=_("Pass Phrase")?>:</label><input type='password' name='pword' /><br />
|
<label for="pword"><?=_("Pass Phrase")?>:</label><input type='password' name='pword' /><br />
|
||||||
<input type='submit' name="process" value="<?=_("Login")?>" /><br /><br />
|
<input type='submit' name="process" value="<?=_("Login")?>" /><br /><br />
|
||||||
<a href='https://www.cacert.org/index.php?id=4'>Password Login</a> -
|
<a href='https://www.cacert.org/index.php?id=4'>Password Login</a> -
|
||||||
|
|
Loading…
Reference in a new issue