Fixed critical vulnerability in Code BBCode tag

15 years ago · 71bf53b960
parent b7b90d31df
commit 71bf53b960
3 changed files with 3 additions and 3 deletions
--- a/Builder/IISMainHandler/build.txt
+++ b/Builder/IISMainHandler/build.txt
@ -1 +1 @@
-574
+575
--- a/Builder/IISUploadHandler/build.txt
+++ b/Builder/IISUploadHandler/build.txt
@ -1 +1 @@
-308
+309
--- a/Common/BBCodes/Code.cs
+++ b/Common/BBCodes/Code.cs
@ -12,7 +12,7 @@ namespace FLocal.Common.BBCodes {
 		}

 		public override string Format(ITextFormatter formatter) {
-			return "<pre>" + this.InnerBBCode.Trim() + "</pre><br/>";
+			return "<pre>" + System.Web.HttpUtility.HtmlEncode(this.InnerBBCode.Trim()) + "</pre><br/>";
 		}

 	}