mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Security fixes XSS in oxidized-cfg-check.inc.php and print-customoid.php (#14126)

Browse Source 
Signed-off-by: AL-KASSAR <feras.al-kassar@sap.com>
This commit is contained in:
Feras Al-Kassar
2022-07-20 19:45:42 +02:00
committed by GitHub
parent 98da97c816
commit e5c91a0f83
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
includes/html/pages/tools/oxidized-cfg-check.inc.php
+1
View File
@@ -8,6 +8,7 @@ if (isset($_POST['config'])) {
$oxidized_cfg = Yaml::parse($_POST['config']);
$validate_cfg = validate_oxidized_cfg($oxidized_cfg);
foreach ($validate_cfg as $error) {
$error = htmlspecialchars($error);
echo "<div class='alert alert-danger'>$error</div>";
}
if (empty($validate_cfg)) {
includes/html/print-customoid.php
+1 -1
View File
@@ -74,7 +74,7 @@ if (isset($device['device_id']) && $device['device_id'] > 0) {
$count = dbFetchCell("SELECT COUNT(*) $query $where", $param);
if (isset($_POST['page_num']) && $_POST['page_num'] > 0 && $_POST['page_num'] <= $count) {
$page_num = $_POST['page_num'];
$page_num = intval($_POST['page_num']);
} else {
$page_num = 1;
}