[그누•영카트] 영카트 5.1.3 패치 (2015.10.26)

페이지 정보

루루아빠 2,352 2015.11.09 11:13

짧은주소

  • https://yadolee.com/tip/332 주소복사

평점

  • 평점 : 0점 (0명 참여)

본문

** 수정내역 ** 

게시글 본문 내 object 태그를 이용한 XSS 취약점을 수정했습니다. (한국인터넷진흥원 박종원님이 알려주셨습니다.) 


https://github.com/gnuboard/youngcart5/commit/a8ca1edcd191e87ab0e501435b523973dc977044 
https://github.com/gnuboard/youngcart5/commit/deb468975de35dbf3d43d11ecde7a4e7db696a9f 
https://github.com/gnuboard/youngcart5/commit/1bf8190518481535321dcc1b2060fc8918879b4b 
https://github.com/gnuboard/youngcart5/commit/523ecbfacd0dbbb3837db1d85c6ce935e796366f 
https://github.com/gnuboard/youngcart5/commit/4ea7031a42b28abe28f2f058ee3931973ed9b097 
https://github.com/gnuboard/youngcart5/commit/3bb33a09c8414428ec3c6aaf300bb473e9b7ac17 


f298383 5.1.3 버전변경 
db1d1d2 5.1.4 버전변경 
M      config.php 
70441a8 로그인 화면의 누락된 부분 추가 
M      theme/basic/mobile/skin/member/basic/login.skin.php 
fdb4219 Merge branch 'g5' 
6a2cbbe 누락된 닫음태그 추가 
M      plugin/sns/view.sns.skin.php 
b3800de Merge branch 'g5' 
7d132fd post 값 필터링 코드 위치 변경 
M      bbs/register_form_update.php 
4f18060 Merge branch 'g5' 
0b66b11 htmlpurifier 4.7 버전 적용 
M      plugin/htmlpurifier/HTMLPurifier.standalone.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Builder/Xml.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Exception.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Interchange.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Interchange/Directive.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Interchange/Id.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/InterchangeBuilder.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Validator.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/ValidatorAtom.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema.ser 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt. 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.tx 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.D 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.t 
A      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.Predi 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.Remov 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.Remov 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithou 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions. 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt 
A      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragme 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSync 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.t 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacter 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.Language.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstruc 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.tx 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Es 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Sc 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Ti 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.tx 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.t 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.tx 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Base.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Host.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.t 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/info.ini 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Filter/ExtractStyleBlocks.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Filter/YouTube.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/classes/en-x-test.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/messages/en-x-test.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/messages/en-x-testmini.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/messages/en.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Lexer/PH5P.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/CSSDefinition.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/ConfigForm.css 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/ConfigForm.js 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/ConfigForm.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/HTMLDefinition.php 
8566183 XSS취약점관련 object 태그 허용설정 변경 
M      lib/common.lib.php
0
추천인
  • 추천해 주세요
6
루루아빠 - 회원등급 : 최고관리자 - 포인트 : 1,295,343
레벨 97
경험치 1,399,663

Progress Bar 10%

- 가입일 : 2015-03-04 03:24:54
- 서명 : KNOW YOUR LIMITS BUT NEVER STOP TRYING TO EXCEED THEM !!
- 자기소개 : 루루의 자랑 루루아빠랍니다~~

댓글

첫 번째 댓글을 남겨 주세요

Total 7482438 페이지
 태그
제목 글쓴이 날짜 조회 추천
그누•영카트  🏆 영카트 5.2.4 패치 - 모바일 삼성페이 및 네이버쇼핑 EP 3.0 적용 루루아빠 2016.11.22 2,986 0
이윰  🏆 커뮤니티 테마 사용시 회원 가입시 오류 문제 루루아빠 2015.06.01 2,814 0
이윰  🏆 반응형 테마 PC에서 메인과 사이드 레이아웃 위치 변경하기 루루아빠 2016.11.22 2,509 0
그누•영카트  🏆 인기검색어 등록 특정 단어 제외시키기 shadow2fox 2019.12.17 1,944 0
이윰  🏆 쪽지 페이징 기능 넣기 루루아빠 2015.06.04 2,957 0
이윰  🏆 이윰빌더 조건문 변수 루루아빠 2016.12.13 2,448 0
이윰  댓글+1🏆 1.1.2 패치후 카테고리 분류 게시판 분류 선택시 미등록페이지로 나오는 문제점 루루아빠 2015.06.04 3,122 0
jQuery  댓글+1🏆 button으로 유튜브 재생 및 정지 제어하기 루루아빠 2016.12.14 9,684 0
그누•영카트  🏆 영카트 5.4.1.3 shadow2fox 2019.12.24 2,077 0
그누•영카트  🏆 영카트 5.2.4.1 패치 - 모바일 삼성페이 기능 수정 루루아빠 2016.12.15 2,740 0
그누•영카트  🏆 영카트 5.0.36 패치 루루아빠 2015.06.04 3,202 0
그누•영카트  🏆 그누보드 5.4.1.4 shadow2fox 2020.01.08 1,697 0
이윰  🏆 게시글 본문 보기에서 제목 클릭시 글 수정하기 루루아빠 2015.06.04 2,930 0
그누•영카트  🏆 그누보드 5.2.5 패치 루루아빠 2017.01.10 2,374 0
이윰  🏆 Eyoom Builder 1.1.3 패치 루루아빠 2015.06.05 3,536 0
그누•영카트  🏆 영카트 5.2.5 패치 루루아빠 2017.01.10 2,513 0
JavaScript  🏆 아이프레임 자동으로 갱신하기 루루아빠 2015.06.05 3,200 0
그누•영카트  🏆 그누보드 5.2.6 패치 루루아빠 2017.01.20 2,188 0
이윰  🏆 이윰빌더 1.1.4 패치 루루아빠 2015.06.08 3,331 0
그누•영카트  🏆 영카트 5.2.6 패치 루루아빠 2017.01.20 2,498 0
 태그

🏆 게시글 랭킹 탑10

랭킹 포토 글내용 조회
1
특정 div의 내용을 일정 시간마다 새로고침하기
루루아빠 2016-03-20 06:24 		14,903
2
영카트 5.3.2.9
shadow2fox 2019-05-30 00:39 		11,694
3
button으로 유튜브 재생 및 정지 제어하기 댓글 +1
루루아빠 2017-02-21 19:12 		9,684
4
jQuery를 이용한 링크 자동 클릭(auto click) 댓글 +2
루루아빠 2015-06-27 02:19 		8,366
5
CKeditor 4.x 소스 보기시 자동으로 공백 태그( ) 추가되는 문제 해결하기 댓글 +1
루루아빠 2016-05-20 21:53 		7,212
6
modal 오픈시 modal-dialog 아래 background body 스크롤 안되게 하기
루루아빠 2015-07-16 00:05 		6,615
7
[PHP 7.2.x] count(): Parameter must be an array or an object that implements Countable 에러 해결하기 댓글 +1
shadow2fox 2020-03-09 14:37 		6,551
8
그누보드 5.4.4 댓글 +2
shadow2fox 2021-01-05 10:58 		6,384
9
영카트 5.0.41 패치
루루아빠 2015-07-13 14:53 		6,242
10
이윰빌더와 그누보드 패치시 수정할 파일들
루루아빠 2015-06-23 19:13 		6,146