[그누•영카트] 영카트 5.1.3 패치 (2015.10.26)

페이지 정보

루루아빠 2,351 2015.11.09 11:13

짧은주소

  • https://yadolee.com/tip/332 주소복사

평점

  • 평점 : 0점 (0명 참여)

본문

** 수정내역 ** 

게시글 본문 내 object 태그를 이용한 XSS 취약점을 수정했습니다. (한국인터넷진흥원 박종원님이 알려주셨습니다.) 


https://github.com/gnuboard/youngcart5/commit/a8ca1edcd191e87ab0e501435b523973dc977044 
https://github.com/gnuboard/youngcart5/commit/deb468975de35dbf3d43d11ecde7a4e7db696a9f 
https://github.com/gnuboard/youngcart5/commit/1bf8190518481535321dcc1b2060fc8918879b4b 
https://github.com/gnuboard/youngcart5/commit/523ecbfacd0dbbb3837db1d85c6ce935e796366f 
https://github.com/gnuboard/youngcart5/commit/4ea7031a42b28abe28f2f058ee3931973ed9b097 
https://github.com/gnuboard/youngcart5/commit/3bb33a09c8414428ec3c6aaf300bb473e9b7ac17 


f298383 5.1.3 버전변경 
db1d1d2 5.1.4 버전변경 
M      config.php 
70441a8 로그인 화면의 누락된 부분 추가 
M      theme/basic/mobile/skin/member/basic/login.skin.php 
fdb4219 Merge branch 'g5' 
6a2cbbe 누락된 닫음태그 추가 
M      plugin/sns/view.sns.skin.php 
b3800de Merge branch 'g5' 
7d132fd post 값 필터링 코드 위치 변경 
M      bbs/register_form_update.php 
4f18060 Merge branch 'g5' 
0b66b11 htmlpurifier 4.7 버전 적용 
M      plugin/htmlpurifier/HTMLPurifier.standalone.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Builder/Xml.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Exception.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Interchange.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Interchange/Directive.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Interchange/Id.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/InterchangeBuilder.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Validator.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/ValidatorAtom.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema.ser 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt. 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.tx 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.D 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.t 
A      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.Predi 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.Remov 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.Remov 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithou 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions. 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt 
A      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragme 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSync 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.t 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacter 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.Language.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstruc 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.tx 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Es 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Sc 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Ti 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.tx 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.t 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.tx 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Base.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Host.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.t 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/info.ini 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Filter/ExtractStyleBlocks.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Filter/YouTube.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/classes/en-x-test.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/messages/en-x-test.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/messages/en-x-testmini.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/messages/en.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Lexer/PH5P.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/CSSDefinition.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/ConfigForm.css 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/ConfigForm.js 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/ConfigForm.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/HTMLDefinition.php 
8566183 XSS취약점관련 object 태그 허용설정 변경 
M      lib/common.lib.php
0
추천인
  • 추천해 주세요
6
루루아빠 - 회원등급 : 최고관리자 - 포인트 : 1,295,343
레벨 97
경험치 1,399,663

Progress Bar 10%

- 가입일 : 2015-03-04 03:24:54
- 서명 : KNOW YOUR LIMITS BUT NEVER STOP TRYING TO EXCEED THEM !!
- 자기소개 : 루루의 자랑 루루아빠랍니다~~

댓글

첫 번째 댓글을 남겨 주세요

Total 7482438 페이지
 태그
제목 글쓴이 날짜 조회 추천
그누•영카트  🏆 📸 5.2.9.8.4 버전에서 5.3.1 정식버전으로 패치 루루아빠 2018.04.06 2,084 0
그누•영카트  🏆 📸 5.2.9.8.4 버전에서 5.3.1 정식버전으로 패치 루루아빠 2018.04.06 2,563 0
그누•영카트  🏆 영카트 5.3.1.1 루루아빠 2018.04.06 2,725 0
이윰  🏆 Eyoom Builder 3.0.1 패치 루루아빠 2018.04.16 2,571 0
그누•영카트  🏆 그누보드 5.3.1.2 패치 루루아빠 2018.04.21 2,087 0
그누•영카트  🏆 영카트 5.3.1.2 보안 패치 루루아빠 2018.04.21 2,460 0
이윰  🏆 이윰빌더 사용하지 않기 루루아빠 2018.04.25 2,150 0
이윰  🏆 전체검색 리스트 페이지에서 동영상 썸네일 이미지도 사용하기 루루아빠 2018.05.04 2,361 0
이윰  🏆 전체검색 리스트 페이지에서 외부 이미지도 썸네일 사용하기 루루아빠 2018.05.06 2,297 0
이윰  🏆 Eyoom Builder 3.0.2 패치 루루아빠 2018.05.14 2,043 0
Bootstrap  🏆 모달창 오픈시 백그라운드(메인 화면) 스크롤 금지 최종 버전 루루아빠 2018.05.16 2,230 0
jQuery  🏆 타겟 링크가 내 주소인지 외부 주소인지 확인하기 루루아빠 2018.05.22 1,982 0
그누•영카트  🏆 그누보드 5.3.1.3 패치 루루아빠 2018.05.29 2,289 0
그누•영카트  🏆 영카트 5.3.1.3 패치 루루아빠 2018.05.29 2,493 0
Bootstrap  🏆 모달창 내부에서 모달창 부모 닫기 루루아빠 2018.06.02 2,102 0
그누•영카트  🏆 그누보드 5.3.1.4 패치 루루아빠 2018.06.06 2,153 0
그누•영카트  🏆 영카트 5.3.1.4 패치 루루아빠 2018.06.06 2,675 0
그누•영카트  🏆 특정 게시판에선 인기검색어 수집하지 않기 루루아빠 2018.06.08 1,886 0
그누•영카트  댓글+1🏆 특정 레벨회원까지 캡차 적용하기 shadow2fox 2018.06.09 1,909 0
그누•영카트  🏆 게시판 관리자는 글쓰기, HTML, DHTML 제한 적용받지 않기 shadow2fox 2018.06.09 1,992 0
 태그

🏆 게시글 랭킹 탑10

랭킹 포토 글내용 조회
1
특정 div의 내용을 일정 시간마다 새로고침하기
루루아빠 2016-03-20 06:24 		14,903
2
영카트 5.3.2.9
shadow2fox 2019-05-30 00:39 		11,694
3
button으로 유튜브 재생 및 정지 제어하기 댓글 +1
루루아빠 2017-02-21 19:12 		9,684
4
jQuery를 이용한 링크 자동 클릭(auto click) 댓글 +2
루루아빠 2015-06-27 02:19 		8,366
5
CKeditor 4.x 소스 보기시 자동으로 공백 태그( ) 추가되는 문제 해결하기 댓글 +1
루루아빠 2016-05-20 21:53 		7,212
6
modal 오픈시 modal-dialog 아래 background body 스크롤 안되게 하기
루루아빠 2015-07-16 00:05 		6,615
7
[PHP 7.2.x] count(): Parameter must be an array or an object that implements Countable 에러 해결하기 댓글 +1
shadow2fox 2020-03-09 14:37 		6,551
8
그누보드 5.4.4 댓글 +2
shadow2fox 2021-01-05 10:58 		6,384
9
영카트 5.0.41 패치
루루아빠 2015-07-13 14:53 		6,241
10
이윰빌더와 그누보드 패치시 수정할 파일들
루루아빠 2015-06-23 19:13 		6,146