From b4ca9c958de70beb6b978039660c4a38e3146946 Mon Sep 17 00:00:00 2001
From: daniel <daniel.barbero@artica.es>
Date: Fri, 30 Jun 2017 13:26:05 +0200
Subject: [PATCH] fixed error XSS in login_page

---
 pandora_console/general/login_page.php | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/pandora_console/general/login_page.php b/pandora_console/general/login_page.php
index da03d90f7d..5e9278a854 100755
--- a/pandora_console/general/login_page.php
+++ b/pandora_console/general/login_page.php
@@ -134,6 +134,11 @@ echo '<div class="login_page">';
 	switch ($login_screen) {
 		case 'logout':
 		case 'login':
+			if (!empty ($page) && !empty ($sec)) {
+				foreach ($_POST as $key => $value) {
+					html_print_input_hidden (io_safe_input($key), $value);
+				}
+			}
 			if ($config['auth'] == 'saml') {
 				echo '<div id="log_nick" class="login_nick" style="display: none;">';
 					echo '<div>';
@@ -185,6 +190,11 @@ echo '<div class="login_page">';
 			
 			break;
 		case 'double_auth':
+			if (!empty ($page) && !empty ($sec)) {
+				foreach ($_POST as $key => $value) {
+					html_print_input_hidden (io_safe_input($key), $value);
+				}
+			}
 			echo '<div class="login_nick">';
 			echo '<div>';
 				html_print_image ("/images/icono_autenticacion.png", false);