Fixes RCE exploit by validating verb parameter for toolbox before eval (backported from 3.4)
Will Fyson committed Feb 5, 2021
1 parent 04a6bc9 commit 811edaa
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions cgi/toolbox/toolbox
Expand Up @@ -25,6 +25,11 @@ my $password = $session->param( "password" );

my %opts = ();

if ( $cmd !~ m/^[a-zA-Z0-9_]+$/ )
{
toolbox_fail( $session, "Invalid toolbox function" );
}

if( !$session->valid_login( $username, $password ) )
{
toolbox_fail( $session, "Invalid username/password" );
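Review bot: the added block relies on toolbox_fail() not returning, but nothing in these lines shows that it exits; if it only emits the error and returns, the rejected $cmd still reaches the eval this commit is meant to guard, so confirm the helper ends the request or add an explicit `exit;` after `toolbox_fail( $session, "Invalid toolbox function" );`. The allowlist shape `^[a-zA-Z0-9_]+$` is the right approach for a value that is later interpolated into eval (a deny-list of shell or Perl metacharacters would be fragile); a further tightening would be to check the name against the set of functions the toolbox actually exposes rather than accepting any identifier. Placing the check ahead of `valid_login` is fine, since it rejects malformed input before any credential handling, though it means the "Invalid toolbox function" response is reachable without authentication.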

0 comments on commit 811edaa