mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix url generator XSS (#12507)

Browse Source
This commit is contained in:
Jellyfrog
2021-02-08 02:43:34 +01:00
committed by GitHub
parent 3d02e76e0e
commit ee1606d799
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
LibreNMS/Util/Url.php
View File

@@ -294,7 +294,7 @@ class Url
$url = empty($vars) ? '' : $prefix; $url = empty($vars) ? '' : $prefix;
foreach ($vars as $var => $value) { foreach ($vars as $var => $value) {
if ($value == '0' || $value != '' && ! Str::contains($var, 'opt') && ! is_numeric($var)) { if ($value == '0' || $value != '' && ! Str::contains($var, 'opt') && ! is_numeric($var)) {
$url .= $var . '=' . urlencode($value) . '/'; $url .= urlencode($var) . '=' . urlencode($value) . '/';
} }
} }