tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Avoid XSS in Private Enterprise Numbers

This commit is contained in:
Jose Gonzalez 2020-09-09 11:44:26 +02:00
parent 6a192433cb
commit b9b94e1382
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pandora_console/include/class/ConfigPEN.class.php
View File

@ -495,8 +495,8 @@ class ConfigPEN extends HTML
public function add()
{
$pen = get_parameter('pen', 0);
$manufacturer = get_parameter('manufacturer', '');
$description = get_parameter('description', '');
$manufacturer = io_safe_input(strip_tags(io_safe_output((string) get_parameter('manufacturer'))));
$description = io_safe_input(strip_tags(io_safe_output((string) get_parameter('description'))));
$is_new = (bool) get_parameter('is_new', false);
if (empty($pen)) {