frodovdr/raspap-webgui
1
0
Fork 0
mirror of https://github.com/billz/raspap-webgui.git synced 2025-03-01 10:31:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #242 from D9ping/patch-1

Browse Source 
Fix xss in interface parameter.
This commit is contained in:
Bill Zimmerman
2018-10-03 16:58:07 +02:00
committed by GitHub
parent c9377c1c04 ec1f8022fe
commit 45a7d0a574
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
includes/hostapd.php
View File

@@ -508,7 +508,7 @@ function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $status)
if (! in_array($_POST['interface'], $interfaces)) {
// The user is probably up to something here but it may also be a
// genuine error.
$status->addMessage('Unknown interface '.$_POST['interface'], 'danger');
$status->addMessage('Unknown interface '.htmlspecialchars($_POST['interface'], ENT_QUOTES), 'danger');
$good_input = false;
}