tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-04-08 18:55:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-12121-cve-2023-41814-xss-en-file-manager' into 'develop'

Browse Source 
Ent 12121 cve 2023 41814 xss en file manager

See merge request artica/pandorafms!6499
This commit is contained in:
Rafael Ameijeiras 2023-11-27 10:25:54 +00:00
commit cd8652f9e6
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora_console/godmode/setup/file_manager.php
View File

@ -71,6 +71,8 @@ if (isset($config['filemanager']['message']) === true) {
$fallback_directory = 'images';
// Get directory.
$directory = (string) get_parameter('directory');
$directory = str_replace('<', '', $text);
$directory = str_replace('>', '', $text);
if (empty($directory) === true) {
$directory = $fallback_directory;
} else {