织梦dedecms二维码XSS跨站脚本漏洞
dedecms v5.7 qrcode二维码XSS跨站脚本漏洞修复:
打开 /plus/qrcode.php 找到,大概在第8行
修改为:
$type = isset($type)? $type : '';
|
$type = isset($type)? RemoveXSS(HtmlReplace($type,3)) : '';
|