diff --git a/pandora_console/godmode/reporting/map_builder.php b/pandora_console/godmode/reporting/map_builder.php
index d879bb5a5a..7a8d2df32c 100644
--- a/pandora_console/godmode/reporting/map_builder.php
+++ b/pandora_console/godmode/reporting/map_builder.php
@@ -519,9 +519,9 @@ if (!$maps && is_metaconsole() === false) {
$data = [];
if (is_metaconsole() === false) {
- $data[0] = ''.$map['name'].'';
+ $data[0] = ''.io_safe_output($map['name']).'';
} else {
- $data[0] = ''.$map['name'].'';
+ $data[0] = ''.io_safe_output($map['name']).'';
}
$data[1] = ui_print_group_icon($map['id_group'], true);
@@ -541,7 +541,7 @@ if (!$maps && is_metaconsole() === false) {
true,
['class' => 'main_menu_icon invert_filter']
).'';
- $data[4] = ''.html_print_image(
+ $data[4] = ''.html_print_image(
'images/delete.svg',
true,
['class' => 'main_menu_icon invert_filter']
@@ -552,7 +552,7 @@ if (!$maps && is_metaconsole() === false) {
true,
['class' => 'main_menu_icon invert_filter']
).'';
- $data[4] = ''.html_print_image(
+ $data[4] = ''.html_print_image(
'images/delete.svg',
true,
['class' => 'main_menu_icon invert_filter']
diff --git a/pandora_console/godmode/reporting/visual_console_builder.data.php b/pandora_console/godmode/reporting/visual_console_builder.data.php
index 5ce3c3f679..f5cc8d059c 100644
--- a/pandora_console/godmode/reporting/visual_console_builder.data.php
+++ b/pandora_console/godmode/reporting/visual_console_builder.data.php
@@ -151,7 +151,7 @@ $table->data[0][] = html_print_label_input_block(
__('Name'),
html_print_input_text(
'name',
- $visualConsoleName,
+ io_safe_output($visualConsoleName),
'',
80,
100,
diff --git a/pandora_console/godmode/reporting/visual_console_builder.php b/pandora_console/godmode/reporting/visual_console_builder.php
index 986dcb423b..694a2a6ea3 100755
--- a/pandora_console/godmode/reporting/visual_console_builder.php
+++ b/pandora_console/godmode/reporting/visual_console_builder.php
@@ -163,7 +163,7 @@ switch ($activeTab) {
$background_color = (string) get_parameter('background_color');
$width = (int) get_parameter('width');
$height = (int) get_parameter('height');
- $visualConsoleName = (string) get_parameter('name');
+ $visualConsoleName = (string) io_safe_input(get_parameter('name'));
$is_favourite = (int) get_parameter('is_favourite_sent');
$auto_adjust = (int) get_parameter('auto_adjust_sent');
@@ -239,7 +239,7 @@ switch ($activeTab) {
if ($uploadOK == 1) {
if (move_uploaded_file($_FILES['background_image']['tmp_name'], $target_file)) {
$background = $nameImage;
- $values['background'] = $background;
+ $values['background'] = io_safe_input($background);
$error2 = chmod($target_file, 0644);
$uploadOK = $error2;
} else {
@@ -872,7 +872,7 @@ $buttons[$activeTab]['active'] = true;
$tab_builder = ($activeTab === 'editor') ? 'visual_console_editor_editor_tab' : '';
ui_print_standard_header(
- ($visualConsoleName ?? ''),
+ (io_safe_output($visualConsoleName) ?? ''),
'images/visual_console.png',
false,
$tab_builder,