
Bugfix: Possible SQL injection in nat/item-add-submit.php. Fixes #2344

GaryAllan committed Dec 4, 2018
1 parent 4554be4 commit 856b10ca85a24c04ed8651f4e13f867ec78a353d
Showing with 7 additions and 0 deletions.
  1. +6 −0 app/admin/nat/item-add-submit.php
  2. +1 −0 misc/CHANGELOG
@@ -91,6 +91,12 @@
$nat_id = $_POST['id']; // nat id
$nat_type = $_POST['type']; // src, dst
// validate object type
if (!in_array($obj_type, ['subnets', 'ipaddresses'])) { $Result->show("danger", _("Invalid object type"), true); }
// validate object id
if (!is_numeric($obj_id)) { $Result->show("danger", _("Invalid object id"), true); }
// validate object
$item = $Tools->fetch_object ($obj_type, "id", $obj_id);
if($item!==false) {
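Review bot: The added `is_numeric($obj_id)` check is looser than a database id needs, because `is_numeric` also accepts values such as `1e3`, `-1`, `1.5` and strings with leading whitespace, so non-integer input still reaches `$Tools->fetch_object`. A digits-only test would pin it to a non-negative integer: `if (!ctype_digit((string) $obj_id)) { $Result->show("danger", _("Invalid object id"), true); }`. The allow-list on the line above should use strict comparison, `in_array($obj_type, ['subnets', 'ipaddresses'], true)`, so the match never depends on type juggling. `$nat_id` and `$nat_type` are read straight from `$_POST` in the context lines and get no comparable check in this hunk; since `$nat_type` is commented as `src, dst`, it looks like a candidate for the same allow-list treatment if it is not validated further down. The `if($item!==false) {` block and the assignments of `$obj_type` and `$obj_id` lie outside the hunk, so this is based on the visible lines only.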
@@ -51,6 +51,7 @@
+ Hide LDAP/AD/Radius username / password and secret from logs and syslog (#2006);
+ XSS in phpipamredirect cookie (#2338);
+ XSS in print-user.php, CSRF in user-edit.php (#2326);
+ Possible SQL injection in nat/item-add-submit.php (#2344);

== 1.3.2
