Home / Information / Security patch
February 13 2018

Security patch

celsoft 13 February 2018 Information 3 270
3
The problem: data filtering.

Error in version: 12.1 and less

Severity: high

To fix this issue, open the file engine/classes/parse.class.php and find:
	function clear_url($url) {
		global $config;

below add:
	$url = str_replace(array("{", "}", "[", "]"),array("%7B", "%7D", "%5B", "%5D"), $url);

This fix is for version 12.1 and all versions less that 12.1.

The version 12.1 on our server updated.

Comments

  1. VladimirSukhov (Visitors)

    13 February 2018 07:59 16 comments
    What is the benefit to adding this line?
  2. celsoft (Administrators)

    13 February 2018 18:51 4 133 comments
    Quote: VladimirSukhov
    What is the benefit to adding this line?

    This is a security patch and makes your website safer.
  3. VladimirSukhov (Visitors)

    13 February 2018 20:09 16 comments
    Thanks, I did this perfectly.

Information

Users of Guests are not allowed to comment this publication.

Calendar

«    December 2024    »
MonTueWedThuFriSatSun
 1
2345678
9101112131415
16171819202122
23242526272829
3031 

Voting On The Website

Please, rate the engine