mirror of
https://github.com/billz/raspap-webgui.git
synced 2023-10-10 13:37:24 +02:00
Fix xss in interface parameter.
This commit is contained in:
parent
c9377c1c04
commit
ec1f8022fe
@ -508,7 +508,7 @@ function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $status)
|
||||
if (! in_array($_POST['interface'], $interfaces)) {
|
||||
// The user is probably up to something here but it may also be a
|
||||
// genuine error.
|
||||
$status->addMessage('Unknown interface '.$_POST['interface'], 'danger');
|
||||
$status->addMessage('Unknown interface '.htmlspecialchars($_POST['interface'], ENT_QUOTES), 'danger');
|
||||
$good_input = false;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user