Beanz/flatpress
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added SVG to forbidden file types in order to prevent possible XSS - see https://github.com/Nguyen-Trung-Kien/CVE/blob/main/CVE-2022-24588/CVE-2022-24588.pdf

Browse Source
This commit is contained in:
azett 2022-12-17 14:39:15 +01:00
parent c4cc70e7ea
commit 742f8b04f2
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
admin/panels/uploader/admin.uploader.php
View File

@ -95,7 +95,8 @@ class admin_uploader_default extends AdminPanelAction {
'jsp', 'jsp',
'htm', 'htm',
'html', 'html',
'wml' 'wml',
'svg'
); );
$imgs = array( $imgs = array(