From 2495dfcd3bba35a10f70edab21cabe1d353553d5 Mon Sep 17 00:00:00 2001
From: tianya <tianya@imcollege.cn>
Date: Mon, 10 Aug 2020 16:02:39 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=AD=A3=E5=90=8E=E5=8F=B0XSS?=
 =?UTF-8?q?=E5=AD=98=E5=9C=A8=E7=9A=84=E5=AE=89=E5=85=A8=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/dede/action_search.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/dede/action_search.php b/src/dede/action_search.php
index 2c18ce0c..232b7445 100755
--- a/src/dede/action_search.php
+++ b/src/dede/action_search.php
@@ -14,7 +14,7 @@ require_once(dirname(__FILE__)."/actionsearch_class.php");
 //增加权限检查
 if(empty($dopost)) $dopost = "";
 
-$keyword=empty($keyword)? "" : $keyword;
+$keyword=empty($keyword)? "" : RemoveXss($keyword);
 $actsearch = new ActionSearch($keyword);
 $asresult = $actsearch->Search();
 include DedeInclude('templets/action_search.htm');