Fix XSS in edit server and add package

hestiacp · Sep 18, 2023 · 5131f5a · 5131f5a
1 parent c086719
commit 5131f5a
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 3 deletions.
diff --git a/web/edit/server/index.php b/web/edit/server/index.php
@@ -358,7 +358,9 @@
 					$return_var,
 				);
 				check_return_code($return_var, $output);
-				$v_timezone = $_POST["v_timezone"];
+				if (in_array($_POST["v_timezone"], $v_timezones)) {
+					$v_timezone = $_POST["v_timezone"];
+				}
 				unset($output);
 			}
 		}

diff --git a/web/templates/includes/js.php b/web/templates/includes/js.php
@@ -9,7 +9,7 @@
 			NOTIFICATIONS_EMPTY: '<?= _("No notifications") ?>',
 			NOTIFICATIONS_DELETE_ALL: '<?= _("Delete all notifications") ?>',
 			CONFIRM_LEAVE_PAGE: '<?= _("Are you sure you want to leave the page?") ?>',
-			ERROR_MESSAGE: '<?= !empty($_SESSION["error_msg"]) ? htmlentities($_SESSION["error_msg"]) : "" ?>',
+			ERROR_MESSAGE: '<?= !empty($_SESSION["error_msg"]) ? htmlentities($_SESSION["error_msg"],ENT_QUOTES) : "" ?>',
 			BLACKLIST: '<?= _("BLACKLIST") ?>',
 			IPVERSE: '<?= _("IPVERSE") ?>'
 		});

diff --git a/web/templates/pages/add_package.php b/web/templates/pages/add_package.php
@@ -117,7 +117,6 @@ class="fas icon-dim icon-maroon js-section-toggle-icon"
 						<select class="form-select" name="v_backend_template" id="v_backend_template">
 							<?php
 								foreach ($backend_templates as $key => $value) {
-								echo $v_backend_template;
 									echo "\t\t\t\t<option value=\"".$value."\"";
 									if ((!empty($v_backend_template)) && ( $value == trim($v_backend_template, "'"))){
 										echo ' selected' ;