Fixed issue #13428: Reflected XSS in file uploader

LimeSurvey · Feb 28, 2018 · 796d300 · 796d300
1 parent 4ab24f7
commit 796d300
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/application/controllers/UploaderController.php b/application/controllers/UploaderController.php
@@ -37,7 +37,7 @@ function run($actionID)
         $sFileName = Yii::app()->request->getParam('filename', ''); // The file to delete fu_ or fu_tmp
         $sOriginalFileName = Yii::app()->request->getParam('name', ''); // Used for javascript return only
         $sMode = Yii::app()->request->getParam('mode');
-        $sPreview = htmlspecialchars(Yii::app()->request->getParam('preview', 0));
+        $sPreview = (int) Yii::app()->request->getParam('preview', 0);
 
         // Validate and filter and throw error if problems
         // Using 'futmp_'.randomChars(15).'_'.$pathinfo['extension'] for filename, then remove all other characters