turnermm / newpagetemplate

Updated version of newpagetemplate for handling new template Events
http://www.dokuwiki.org/plugin:newpagetemplate

XSS vulnerability in write_msg() #2

Closed splitbrain closed 8 years ago

splitbrain commented 8 years ago

See http://php-grinder.com/vulns/view/1193317

$_REQUEST['newpagetemplate'] is output without escaping.

turnermm commented 8 years ago

escaped output with htmlentities.

turnermm commented 8 years ago

Escaping output string wasn't enough for grinder; I had to use $INPUT to get an OK from it: http://php-grinder.com/project/view/22070

I'm not sure how trustworthy grinder is here. It gives a pass to $INPUT, which it can't access, but not to htmlentities.
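As an added illustration of the pattern under discussion (this is not the plugin's own write_msg() and the function names are hypothetical), the snippet below contrasts a message sink that writes the request value straight into HTML with one that escapes at the output point, plus an optional whitelist check; the payload is constructed for the example, and the assumption that template names are DokuWiki page ids is mine:

```php
<?php
// Added example for this issue thread; not the newpagetemplate plugin's code.
// write_msg_unescaped() reproduces the reported pattern, write_msg_escaped()
// the output-escaping fix. Function names are hypothetical.

declare(strict_types=1);

// Before: the template name from the request is concatenated into markup as-is.
// A value such as "><script>alert(1)</script> is rendered, not displayed.
function write_msg_unescaped(array $request): string
{
    $tpl = $request['newpagetemplate'] ?? '';
    return '<div class="info">Using template: ' . $tpl . '</div>';
}

// After: escape at the HTML sink. ENT_QUOTES also covers attribute contexts,
// ENT_SUBSTITUTE avoids an empty result on invalid UTF-8. This is what
// DokuWiki's hsc() helper does; htmlentities() neutralises the same payload
// but encodes more characters than the sink needs.
function write_msg_escaped(array $request): string
{
    $tpl = $request['newpagetemplate'] ?? '';
    $safe = htmlspecialchars($tpl, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<div class="info">Using template: ' . $safe . '</div>';
}

// Defence in depth (assumption: the value is a DokuWiki page id, so a
// whitelist of id characters is acceptable). A rejected value never reaches
// any sink, whatever that sink later does with it.
function template_id_or_null(string $value): ?string
{
    return preg_match('/\A[a-z0-9_:.\-]+\z/', $value) === 1 ? $value : null;
}

// Constructed payload (not taken from a real report).
$request = ['newpagetemplate' => '"><script>alert(1)</script>'];

$vuln = write_msg_unescaped($request);
$safe = write_msg_escaped($request);

// The unescaped sink emits a live <script> element; the escaped one does not.
if (strpos($vuln, '<script>') === false) {
    throw new RuntimeException('expected the unescaped sink to emit markup');
}
if (strpos($safe, '<script>') !== false || strpos($safe, '&lt;script&gt;') === false) {
    throw new RuntimeException('escaping did not neutralise the payload');
}
if (template_id_or_null($request['newpagetemplate']) !== null) {
    throw new RuntimeException('whitelist accepted a payload');
}
if (template_id_or_null('wiki:templates:meeting') !== 'wiki:templates:meeting') {
    throw new RuntimeException('whitelist rejected a valid id');
}

echo $vuln, "\n", $safe, "\n";
```

Run with `php example.php`; the second line printed shows the payload as `&quot;&gt;&lt;script&gt;alert(1)&lt;/script&gt;`, which a browser displays as text. Escaping at the sink is the fix for the reported bug; the whitelist is additional and only appropriate if every legitimate template name really is a page id.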

splitbrain commented 8 years ago

grinder is a static analyzer. What it finds are possible problems. You have to analyze and assess them yourself.

turnermm commented 8 years ago

Ah, I see. I didn't know what 'static' referred to.