fix: [security] XSS in community index

- As reported by Zigrin Security
MISP · Mar 25, 2023 · b94c797 · b94c797 · viggiano · Mar 29, 2023
1 parent c979ab3
commit b94c797
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/app/Lib/Tools/CustomPaginationTool.php b/app/Lib/Tools/CustomPaginationTool.php
@@ -27,6 +27,8 @@ public function createPaginationRules($items, $options, $model, $sort = 'id', $f
                 $params['options'][$v] = $options[$v];
             }
         }
+        $params['page'] = is_numeric($params['page']) ? $params['page'] : 1;
+        $params['limit'] = is_numeric($params['limit']) ? $params['limit'] : 60;
         $maxPage = floor($params['count'] / $params['limit']);
         if ($params['count'] % $params['limit'] != 0) {
             $maxPage += 1;