beenull/raspap-webgui-mirror
1
0
Fork 0
mirror of https://github.com/RaspAP/raspap-webgui.git synced 2024-11-22 07:30:23 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix xss in interface parameter.

Browse source
This commit is contained in:
Tom 2018-10-02 12:58:50 +02:00 committed by GitHub
parent c9377c1c04
commit ec1f8022fe
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
includes/hostapd.php
View file

@ -508,7 +508,7 @@ function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $status)
if (! in_array($_POST['interface'], $interfaces)) {
// The user is probably up to something here but it may also be a
// genuine error.
$status->addMessage('Unknown interface '.$_POST['interface'], 'danger');
$status->addMessage('Unknown interface '.htmlspecialchars($_POST['interface'], ENT_QUOTES), 'danger');
$good_input = false;
}