19 Jun
2006
19 Jun
'06
5:58 p.m.
On 19 Jun 2006, at 16:50, Earl Dunovant wrote:
What was the query you used to identify the problem? I think amazon.module is one of the false positives, but I want ot make sure I'm looking at the same thing you are.
This line is vulnerable (amongst other): $datacell .= "<img src=\"$node->smallimageurl\" height=\"$node-
smallimageheight\" width=\"$node->smallimagewidth\" alt=\"cover of $node->title\" />"
-- Dries Buytaert :: http://www.buytaert.net/