Merge pull request #1887 from YichaoXu/master

fix: mitigate UUF vulnerability by escaping entity with escapeshellarg
2025-12-26 23:26:47 +01:00 · 2025-06-25 10:34:48 +02:00
parent 2a4f2f356c eb53c46c33
commit bba2f67931
1 changed files with 1 additions and 1 deletions
--- a/ajax/networking/get_wgkey.php
+++ b/ajax/networking/get_wgkey.php
@@ -5,7 +5,7 @@ require_once '../../includes/session.php';
 require_once '../../includes/config.php';
 require_once '../../includes/authenticate.php';

-$entity = escapeshellcmd($_POST['entity']);
+$entity = escapeshellarg($_POST['entity']);

 if (isset($entity)) {