diff --git a/kcfinder/core/uploader.php b/kcfinder/core/uploader.php
index f0aa69458cd251c34d31100d21ac48f1db9766dd..510033569bdb45338981cf86642af983af8641f8 100644
--- a/kcfinder/core/uploader.php
+++ b/kcfinder/core/uploader.php
@@ -45,9 +45,20 @@ class uploader {
 
         // INPUT INIT
         $input = new input();
-        $this->get = &$input->get;
-        $this->post = &$input->post;
-        $this->cookie = &$input->cookie;
+        $inputGet = &$input->get ;
+        foreach ($inputGet as $key => $value) {
+            $this->get[$key] = vtlib_purify($value);
+        }
+         
+        $inputPost= &$input->post;
+        foreach ($inputPost as $key => $value) {
+            $this->post[$key] = vtlib_purify($value);
+        }
+         
+        $inputCookie= &$input->cookie;
+        foreach ($inputCookie as $key => $value) {
+            $this->cookie[$key] = vtlib_purify($value);
+        }
 
         // LINKING UPLOADED FILE
         if (count($_FILES))