frodovdr/raspap-webgui
1
0
Fork 0
mirror of https://github.com/billz/raspap-webgui.git synced 2023-10-10 13:37:24 +02:00
Code Issues Releases Wiki Activity

Merge pull request #242 from D9ping/patch-1

Browse Source 
Fix xss in interface parameter.
This commit is contained in:
Bill Zimmerman 2018-10-03 16:58:07 +02:00 committed by GitHub
commit 45a7d0a574
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
includes/hostapd.php
View File

@ -508,7 +508,7 @@ function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $status)
if (! in_array($_POST['interface'], $interfaces)) { if (! in_array($_POST['interface'], $interfaces)) {
// The user is probably up to something here but it may also be a // The user is probably up to something here but it may also be a
// genuine error. // genuine error.
$status->addMessage('Unknown interface '.$_POST['interface'], 'danger'); $status->addMessage('Unknown interface '.htmlspecialchars($_POST['interface'], ENT_QUOTES), 'danger');
$good_input = false; $good_input = false;
} }