Merge pull request #257 from Fraenkiman/upstream/issue217-Vulnerability-Stored-XSS-

Prevents upload of files with .xsig extension
2023-09-02 12:13:56 +02:00 · 2023-09-02 12:13:56 +02:00 · d49c2c40b8
commit d49c2c40b8
parent 1aab02cabf 3c9cc69364
1 changed files with 2 additions and 1 deletions
--- a/admin/panels/uploader/admin.uploader.php
+++ b/admin/panels/uploader/admin.uploader.php
@ -99,7 +99,8 @@ class admin_uploader_default extends AdminPanelAction {
 			'svg',
 			'xml',
 			'md',
-			'pages'
+			'pages',
+			'xsig'
 		);

 		$imgs = array(