Discuz漏洞修补备注
2014-07-04
tech
source/function/function_blog.php 226行1
'message' => $message,
改成1
'message' => dhtmlspecialchars($message),
大大的家园日志跨站啊,咱什么也不说了= =
source/admincp/admincp_members.php1
cpmsg('members_delete_confirm', "action=members&operation=clean&submit=yes&confirmed=yes"
改成1
cpmsg('members_delete_confirm', "action=members&operation=clean&submit=yes&confirmed=yes&formhash=".FORMHASH
然后1
if(!submitcheck('includepost')) {
上加1
if($_GET['formhash'] != FORMHASH) cpmsg('members_no_find_deluser', '', 'error');