Merge branch 'ent-9745-XSS' into 'develop'

fixed vulnerability in load of help iframes

See merge request artica/pandorafms!5245
Rafael Ameijeiras 2022-11-08 11:49:46 +00:00
commit 43690d3aa6
1 changed files with 2 additions and 1 deletions


@ -94,7 +94,8 @@ class HelpFeedBack extends Wizard
ui_require_css_file('help_feedback');
$help_url = get_parameter('b', null);
$help_url = base64_decode($help_url);
$help_url = io_safe_input(base64_decode($help_url));
if ($help_url === null) {
echo __('Page not found');
} else {