
[#21464023] Security: arbitrary file inclusion

Poor input cleansing can allow a well-constructed cookie
to return the contents of arbitrary file system objects.
1 parent d11b325 commit 8ea6f7bc37d05a9ec25b5afbea011cf9de5f1e49 @ctfliblime ctfliblime committed Nov 25, 2011
Showing with 1 addition and 0 deletions.
  1. +1 −0 C4/Output.pm
@@ -143,6 +143,7 @@ sub themelanguage {
if $http_accept_language;
# But, if there's a cookie set, obey it
$lang = $query->cookie('KohaOpacLanguage') if $query->cookie('KohaOpacLanguage');
+ $lang =~ s/[^\p{IsAlnum}\-_]//g;
# Fall back to English
my @languages;
if ($interface eq 'intranet') {
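Review bot: the added line `$lang =~ s/[^\p{IsAlnum}\-_]//g;` sanitises by stripping rather than by rejecting, so a cookie value that fails the check is silently turned into a different, possibly valid-looking value instead of being discarded and falling through to the English default that the comment on the next line describes. Since the value is later used to select from `@languages`, consider validating it against the set of installed languages (or at least against a tight anchored pattern such as `/^[A-Za-z0-9_-]+$/`) and dropping the cookie value on mismatch, rather than deleting characters; `\p{IsAlnum}` also admits the full Unicode letter and digit range, which is wider than language-directory names need. A short comment stating that the cookie is untrusted input and is constrained here to keep it from reaching a file path would make the intent clear to the next reader.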
