security fixes #973
…ossible vulnerability for that field
…ulnerability for that field
…e was a possible vulnerability for those field
…bility for that field
…ity for that field. Clean up some spacing issues
- Properly check for the $token from the request, to see if they only have alpha_numeric values.
- Properly check email address if it's a valid email address

There were security vulnerabilities where this wasn't checked properly.
@nielsdrost7
@Verony-makesIT can you make a PR where you remove the xss_clean from the rules from those fields?
@nielsdrost7, sorry but I really don't understand what you expect from me with your request to create a PR.
Description
Fix some security vulnerabilities
Related Issue
Fixed a number of security vulnerabilities:
- Mdl_email_templates.php: from_name
- Mdl_clients.php: client_language
- Mdl_clients.php: client_country
- Mdl_custom_fields.php: is_natural
- Mailer/Controllers/Mailer.php: to_email
- Quotes/Controllers/Ajax.php: quote_id
- Sessions/Controllers/Sessions.php: token
- Sessions/Controllers/Sessions.php: email
Pull Request Checklist
Issue Type