tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Avoid XSS in Module templates

This commit is contained in:
Jose Gonzalez 2020-09-09 12:35:28 +02:00
parent de49530fd1
commit e833c318a5
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pandora_console/include/class/ModuleTemplates.class.php
View File

@ -303,8 +303,8 @@ class ModuleTemplates extends HTML
if (!empty($this->action)) {
// Success variable.
$success = false;
$this->name = get_parameter('name', '');
$this->description = get_parameter('description', '');
$this->name = io_safe_input(strip_tags(io_safe_output((string) get_parameter('name'))));
$this->description = io_safe_input(strip_tags(io_safe_output((string) get_parameter('description'))));
$this->pen = get_parameter('pen', '');
switch ($this->action) {