[interchange-bugs] [rt.icdevgroup.org #306] XSS Exploit in demo -- UserDB.pm
Peter Ajamian via RT
interchange at rt.icdevgroup.org
Mon Feb 28 03:44:58 UTC 2011
<URL: http://rt.icdevgroup.org/Ticket/Display.html?id=306 >
On Sun Feb 27 20:04:09 2011, thunder wrote:
> Suggest to change it to:
> die errmsg("Username contains illegal characters.") . "\n"
I don't think that "\n" is needed at the end of a die anyways. Suggest changing it to:
die errmsg('Username contains illegal characters.');
More information about the interchange-bugs
mailing list