From 77142a0c1a88c7e09db02ab0225cea8ecc87886d Mon Sep 17 00:00:00 2001
From: Marcos Alconada <marcos.alconada@artica.es>
Date: Fri, 14 Aug 2020 11:42:49 +0200
Subject: [PATCH] fixed vulnerability

---
 pandora_console/godmode/modules/manage_network_components.php | 4 ++--
 .../godmode/modules/manage_network_components_form.php        | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/pandora_console/godmode/modules/manage_network_components.php b/pandora_console/godmode/modules/manage_network_components.php
index 4b1995cd5e..37a3483e2b 100644
--- a/pandora_console/godmode/modules/manage_network_components.php
+++ b/pandora_console/godmode/modules/manage_network_components.php
@@ -330,7 +330,7 @@ if ($create_component) {
 
     if ($name && !$name_check) {
         $id = network_components_create_network_component(
-            $name,
+            strip_tags(io_safe_input($name), '<br>'),
             $type,
             $id_group,
             [
@@ -431,7 +431,7 @@ if ($update_component) {
             $id,
             [
                 'type'                  => $type,
-                'name'                  => $name,
+                'name'                  => strip_tags(io_safe_input($name, '<br>')),
                 'id_group'              => $id_group,
                 'description'           => $description,
                 'module_interval'       => $module_interval,
diff --git a/pandora_console/godmode/modules/manage_network_components_form.php b/pandora_console/godmode/modules/manage_network_components_form.php
index 2a63068b8d..df524a0574 100644
--- a/pandora_console/godmode/modules/manage_network_components_form.php
+++ b/pandora_console/godmode/modules/manage_network_components_form.php
@@ -111,7 +111,7 @@ if (isset($id)) {
     $component = network_components_get_network_component((int) $id);
     if ($component !== false) {
         $id_component_type       = $component['id_modulo'];
-        $name                    = $component['name'];
+        $name                    = io_safe_output($component['name']);
         $type                    = $component['type'];
         $description             = $component['description'];
         $max                     = $component['max'];