DLE hacks
Changes in authorization using Facebook
26-12-2022, 13:53
- DLE hacks, FREE Group">
- Complain
Insufficient data filtering DLE 12.1
Insufficient filtering of incoming data, which can lead to a potential threat of an XSS attack.
Version error: 12.1 and below
Degree of danger: High
To fix the problem, open the file engine/classes/parse.class.php and find in it:
function clear_url($url) {
global $config;
add below:
$url = str_replace(array("{", "}", "[", "]"),array("%7B", "%7D", "%5B", "%5D"), $url);
This patch is intended for version 12.1 and all versions below version 12.1⚠ Information
Visitors who are in the group Guests they can't download files.
Log in to the site under your login and password or if you are a new user go through the process registrations on the website.
Log in to the site under your login and password or if you are a new user go through the process registrations on the website.
Related articles
DLE hacks
The second button is Discuss on the forum
26-12-2022, 14:18
DLE hacks
Expanding the functionality of the template engine
26-12-2022, 14:35
There are no comments
Information
Users of Visitor are not allowed to comment this publication.