tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-29 08:45:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixedd XSS on load filter event name

Browse Source
This commit is contained in:
Calvo 2021-06-04 13:36:32 +02:00
parent 90a5a1c1a3
commit 2f3cae8d61
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora_console/operation/events/events.php
View File

@ -1472,7 +1472,7 @@ try {
$active_filters_div .= '<div class="label box-shadow">'.__('Current filter').'</div>'; $active_filters_div .= '<div class="label box-shadow">'.__('Current filter').'</div>';
$active_filters_div .= '<div id="current_filter" class="content">'; $active_filters_div .= '<div id="current_filter" class="content">';
if ($loaded_filter !== false) { if ($loaded_filter !== false) {
$active_filters_div .= io_safe_output($loaded_filter['id_name']); $active_filters_div .= htmlentities(io_safe_output($loaded_filter['id_name']));
} else { } else {
$active_filters_div .= __('Not set.'); $active_filters_div .= __('Not set.');
} }