From 7163b3d853d4ced99244fef73b21c10613a3fc50 Mon Sep 17 00:00:00 2001
From: Daniel Cebrian
Date: Mon, 23 Jan 2023 16:47:27 +0100
Subject: [PATCH] #10160 fixed xss vulnerability in visual console name
---
 pandora_console/godmode/reporting/visual_console_builder.php | 2 +-
 .../include/rest-api/models/VisualConsole/Container.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/pandora_console/godmode/reporting/visual_console_builder.php b/pandora_console/godmode/reporting/visual_console_builder.php
index 382371a38e..24216c8f3a 100755
--- a/pandora_console/godmode/reporting/visual_console_builder.php
+++ b/pandora_console/godmode/reporting/visual_console_builder.php
@@ -177,7 +177,7 @@ switch ($activeTab) {
 $background_color = (string) get_parameter('background_color');
 $width = (int) get_parameter('width');
 $height = (int) get_parameter('height');
- $visualConsoleName = (string) get_parameter('name');
+ $visualConsoleName = io_safe_input((string) get_parameter('name'));
 $is_favourite = (int) get_parameter('is_favourite_sent');
 $auto_adjust = (int) get_parameter('auto_adjust_sent');
diff --git a/pandora_console/include/rest-api/models/VisualConsole/Container.php b/pandora_console/include/rest-api/models/VisualConsole/Container.php
index d8042c8054..16f86884d9 100644
--- a/pandora_console/include/rest-api/models/VisualConsole/Container.php
+++ b/pandora_console/include/rest-api/models/VisualConsole/Container.php
@@ -357,7 +357,7 @@ final class Container extends Model
 $config['dbpass'].$row['id'].$config['id_user']
 );
- return \io_safe_output($row);
+ return $row;
 }
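Review bot: The added `io_safe_input(...)` around `get_parameter('name')` encodes the name at write time, so the stored value is only correct if `get_parameter()` does not already encode its result; that helper's body is not in this patch, and if it does encode, names containing `&` or quotes would be saved doubly encoded. The other string read in this hunk, `$background_color`, keeps the bare `(string) get_parameter(...)` form, so the two fields now follow different rules with no comment explaining why. I would add a line above the assignment such as `// Name is stored HTML-encoded; Container no longer decodes it on read.` and confirm with a test that a name like `a & b` round-trips unchanged. The enclosing `switch` case starts and ends outside the hunk.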
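Review bot: Replacing `return \io_safe_output($row);` with `return $row;` stops decoding for every column in `$row`, not only the console name the commit subject mentions, so any consumer that relied on decoded values for other fields will now see HTML entities. It also makes output safety depend entirely on what was written: rows saved before this commit, or by any write path other than the builder form in visual_console_builder.php, are returned exactly as stored, and none of those paths are visible here. A short comment on the return, e.g. `// Returned exactly as stored; values are expected to be HTML-encoded at write time.`, would record the contract, and a regression test that loads a console whose stored name contains markup would pin it. The method begins outside the hunk.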