Networks and Sites: Sanitize key parameter in wp-activate.php.

Props khushipatel15.
Fixes #63320.


git-svn-id: https://develop.svn.wordpress.org/trunk@60204 602fd350-edb4-49c9-b593-d223f7449a82

Author: felixarntz

src/wp-activate.php

@@ -29,9 +29,9 @@
 if ( isset( $_GET['key'] ) && isset( $_POST['key'] ) && $_GET['key'] !== $_POST['key'] ) {
 	wp_die( __( 'A key value mismatch has been detected. Please follow the link provided in your activation email.' ), __( 'An error occurred during the activation' ), 400 );
 } elseif ( ! empty( $_GET['key'] ) ) {
-	$key = $_GET['key'];
+	$key = sanitize_text_field( $_GET['key'] );
 } elseif ( ! empty( $_POST['key'] ) ) {
-	$key = $_POST['key'];
+	$key = sanitize_text_field( $_POST['key'] );
 }
 
 if ( $key ) {