From 555c018ff0f2b9a53582b9e7aa89516ec730b144 Mon Sep 17 00:00:00 2001
From: aklerza <60571063+aklerza@users.noreply.github.com>
Date: Sat, 12 Oct 2024 13:34:58 +0400
Subject: [PATCH] Fix XSS vulnerability.
---
bibtexbrowser.php | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/bibtexbrowser.php b/bibtexbrowser.php
index 9dfb363..3c611b8 100755
--- a/bibtexbrowser.php
+++ b/bibtexbrowser.php
@@ -296,7 +296,8 @@ function default_message() {
You may browse:
'.$bibfile.'
';
+ $url="?bib=".urlencode($bibfile);
+ echo ''.htmlspecialchars($bibfile, ENT_QUOTES, 'UTF-8').'
';
}
echo "";
}
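Review bot: The added `htmlspecialchars($bibfile, ENT_QUOTES, 'UTF-8')` call returns an empty string when the file name is not valid UTF-8, so a file with a legacy-encoded name would be listed with blank link text; adding the substitute flag keeps the entry visible while still escaping it: `htmlspecialchars($bibfile, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. The new lines also apply two different encodings without saying why, so a short comment above them would keep a later edit from collapsing them, e.g. `// urlencode() for the ?bib= query value, htmlspecialchars() for anything placed in HTML`. The markup inside the echo string is not visible in this rendering, so it is worth confirming that the link target is built from the encoded `$url` and not from raw `$bibfile`. `default_message()` starts above the hunk, so the source of `$bibfile` is not shown here.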