From 251e6669b97f3be487475f2725a607ef2eebc577 Mon Sep 17 00:00:00 2001
From: Jose Gonzalez <jose.gonzalez@artica.es>
Date: Tue, 9 Jun 2020 12:51:17 +0200
Subject: [PATCH] Solved security issue with system logfiles field

---
 pandora_console/include/functions_config.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pandora_console/include/functions_config.php b/pandora_console/include/functions_config.php
index e003461c5b..f6ecf0ccca 100644
--- a/pandora_console/include/functions_config.php
+++ b/pandora_console/include/functions_config.php
@@ -287,7 +287,7 @@ function config_update_config()
                         $error_update[] = __('Command Snapshot');
                     }
 
-                    if (!config_update_value('server_log_dir', get_parameter('server_log_dir'))) {
+                    if (!config_update_value('server_log_dir', io_safe_input(strip_tags(io_safe_output(get_parameter('server_log_dir')))))) {
                         $error_update[] = __('Server logs directory');
                     }