From 8ee4ceea10f890504251620463849d7c1b802462 Mon Sep 17 00:00:00 2001
From: panda <panda>
Date: Sun, 2 Mar 2003 13:18:31 +0900
Subject: [PATCH] fix XSS vulnerability.

---
 plugin/md5.inc.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/plugin/md5.inc.php b/plugin/md5.inc.php
index b138f8d..346c52a 100644
--- a/plugin/md5.inc.php
+++ b/plugin/md5.inc.php
@@ -2,7 +2,7 @@
 /////////////////////////////////////////////////
 // PukiWiki - Yet another WikiWikiWeb clone.
 //
-// $Id: md5.inc.php,v 1.1 2003/01/27 05:38:46 panda Exp $
+// $Id: md5.inc.php,v 1.2 2003/03/02 04:18:31 panda Exp $
 //
 //  MD5¥Ñ¥¹¥ï¡¼¥É¤Ø¤ÎÊÑ´¹
 function plugin_md5_action()
@@ -11,7 +11,7 @@ function plugin_md5_action()
 	
 	return array(
 		'msg'=>'Make password of MD5',
-		'body'=> $vars['md5'].' : '.md5($vars['md5'])
+		'body'=> htmlspecialchars($vars['md5']).' : '.md5($vars['md5'])
 	);
 }
 ?>
-- 
2.11.0