Avoid XSS in Private Enterprise Numbers

Jose Gonzalez 2020-09-09 11:44:26 +02:00
parent 6a192433cb
commit b9b94e1382


@ -495,8 +495,8 @@ class ConfigPEN extends HTML
public function add() public function add()
{ {
$pen = get_parameter('pen', 0); $pen = get_parameter('pen', 0);
$manufacturer = get_parameter('manufacturer', ''); $manufacturer = io_safe_input(strip_tags(io_safe_output((string) get_parameter('manufacturer'))));
$description = get_parameter('description', ''); $description = io_safe_input(strip_tags(io_safe_output((string) get_parameter('description'))));
$is_new = (bool) get_parameter('is_new', false); $is_new = (bool) get_parameter('is_new', false);
if (empty($pen)) { if (empty($pen)) {