Beanz/flatpress
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixes #177, possible XSS in Media Manager plugin

Browse Source
This commit is contained in:
azett 2022-12-25 14:32:08 +01:00
parent e53acdeef3
commit d3f3294965
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fp-plugins/mediamanager/panels/panel.mediamanager.file.php
View File

@ -233,7 +233,7 @@ class admin_uploader_mediamanager extends AdminPanelAction {
function onsubmit($data = NULL) { function onsubmit($data = NULL) {
if (isset($_POST ['mm-newgallery'])) { if (isset($_POST ['mm-newgallery'])) {
$newgallery = $_POST ['mm-newgallery-name']; $newgallery = strip_tags($_POST ['mm-newgallery-name']);
if ($newgallery == "") { if ($newgallery == "") {
$this->smarty->assign('success', -3); $this->smarty->assign('success', -3);
return 2; return 2;