From 1738c23576e7f95afee88b7c8831232b0d1019fd Mon Sep 17 00:00:00 2001
From: Olle Haerstedt
Date: Wed, 28 Feb 2018 14:13:26 +0100
Subject: [PATCH] Fixed issue #13428: Reflected XSS in file uploader

---
 application/controllers/UploaderController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/application/controllers/UploaderController.php b/application/controllers/UploaderController.php
index c092acd8c92..9c0f0f22f6e 100644
--- a/application/controllers/UploaderController.php
+++ b/application/controllers/UploaderController.php
@@ -37,7 +37,7 @@ function run($actionID)
 $sFileName = Yii::app()->request->getParam('filename', ''); // The file to delete fu_ or fu_tmp
 $sOriginalFileName = Yii::app()->request->getParam('name', ''); // Used for javascript return only
 $sMode = Yii::app()->request->getParam('mode');
- $sPreview = Yii::app()->request->getParam('preview', 0);
+ $sPreview = htmlspecialchars(Yii::app()->request->getParam('preview', 0));
 // Validate and filter and throw error if problems
 // Using 'futmp_'.randomChars(15).'_'.$pathinfo['extension'] for filename, then remove all other characters