
Commit

Sanitise filter[Id] when parsing filter. Fixes GHSA-6rrw-66rf-6g5f
Isaac Connor committed May 30, 2024
1 parent 1fdfcf3 commit 4602cd0
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion web/skins/classic/views/filter.php
Expand Up @@ -38,7 +38,8 @@
if ( isset($_REQUEST['Id']) and $_REQUEST['Id'] ) {
$fid = validInt($_REQUEST['Id']);
} else if ( isset($_REQUEST['filter']) and isset($_REQUEST['filter']['Id']) ) {
$fid = validInt($_REQUEST['filter']['Id']);
# $_REQUEST['filter']['Id'] get used later in populating filter object, so need to sanitise it
$fid = $_REQUEST['filter']['Id'] = validInt($_REQUEST['filter']['Id']);
}
$filter = null;
foreach ( ZM\Filter::find(null,array('order'=>'lower(Name)')) as $Filter ) {
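
Review bot: The write-back to `$_REQUEST['filter']['Id']` sits on the `else if` branch, so it only runs when `$_REQUEST['Id']` is absent or empty. A request that carries both `Id` and `filter[Id]` takes the first branch and leaves `$_REQUEST['filter']['Id']` unsanitised, even though the new comment says that value is used later when populating the filter object. Consider sanitising it unconditionally before the `if`, for example `if ( isset($_REQUEST['filter']['Id']) ) $_REQUEST['filter']['Id'] = validInt($_REQUEST['filter']['Id']);`, and then deriving `$fid` as before. Whether the later code reads `filter[Id]` in that case is not visible in this hunk, so it is worth confirming. A smaller style point: the chained assignment into the superglobal is easy to misread, and two separate statements would make the mutation explicit.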
