Fix Service Template XSS (#14659)

Reported via huntr.dev by @vautia
2024-10-07 16:52:45 +00:00 · 2022-11-19 21:51:35 -06:00
parent 41967743f4
commit b7b037bf4d
1 changed files with 1 additions and 1 deletions
--- a/app/Http/Controllers/ServiceTemplateController.php
+++ b/app/Http/Controllers/ServiceTemplateController.php
@@ -355,7 +355,7 @@ class ServiceTemplateController extends Controller
        Service::where('service_template_id', $template->id)->delete();
        $template->delete();

-        $msg = __('Service Template :name deleted, Services removed', ['name' => $template->name]);
+        $msg = __('Service Template :name deleted, Services removed', ['name' => htmlentities($template->name)]);

        return response($msg, 200);
    }