From b4f6d9c766021c4b3285bdef97d29c25d5ed60fa Mon Sep 17 00:00:00 2001 From: Harald Eilertsen Date: Sat, 12 Mar 2022 17:24:32 +0100 Subject: Security: Escape event and link urls before using. --- includes/admin/views/_concerts_table.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/includes/admin/views/_concerts_table.php b/includes/admin/views/_concerts_table.php index 26e5833..45d9196 100644 --- a/includes/admin/views/_concerts_table.php +++ b/includes/admin/views/_concerts_table.php @@ -322,8 +322,8 @@ if (!class_exists("GiglogAdmin_ConcertsTable")) } } else { - $content .= "eventlink()}\">Link"; - $content .= "tickets()}\">Tickets"; + $content .= "eventlink()) . "\">Link"; + $content .= "tickets()) . "\">Tickets"; } $content .= ' iCal'; -- cgit v1.2.3