mirror
/
PHPMailer
mirror of https://github.com/PHPMailer/PHPMailer.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Avoid XSS in error message output

This commit is contained in:
Marcus Bointon 2017-07-26 23:16:08 +02:00
parent 1e3f4e4062
commit ca9f6c2d57
No known key found for this signature in database
GPG Key ID: DE31CD6EB646AA24
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/Exception.php
View File

@ -35,7 +35,6 @@ class Exception extends \Exception
*/
public function errorMessage()
{
$errorMsg = '<strong>' . $this->getMessage() . "</strong><br />\n";
return $errorMsg;
return '<strong>' . htmlspecialchars($this->getMessage()) . "</strong><br />\n";
}
}