Fix SQL injection in get-host-dependencies (#13868)

Thanks to raf at TNP Consultants for reporting it
2024-10-07 16:52:45 +00:00 · 2022-03-24 03:39:24 +01:00
parent 09f3e9a1bc
commit 4df7968d81
1 changed files with 3 additions and 0 deletions
--- a/includes/html/forms/get-host-dependencies.inc.php
+++ b/includes/html/forms/get-host-dependencies.inc.php
@@ -31,6 +31,9 @@ if (! Auth::user()->hasGlobalAdmin()) {
                $order_by = '';
                if (isset($_POST['sort']) && is_array($_REQUEST['sort'])) {
                    foreach ($_REQUEST['sort'] as $key => $value) {
+                        $key = preg_replace('/[^A-Za-z0-9_]/', '', $key); // only allow plain columns
+                        $value = strtolower($value) == 'desc' ? 'DESC' : 'ASC';
+
                        $order_by .= " $key $value";
                    }
                } else {