From 75fbeb063af08249959a98950fa4e0e996c7fa3e Mon Sep 17 00:00:00 2001
From: Thorsten Rinne
Date: Sun, 17 Mar 2024 19:11:47 +0100
Subject: [PATCH] fix: avoid possible path traversal

---
 phpmyfaq/admin/configuration.php | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/phpmyfaq/admin/configuration.php b/phpmyfaq/admin/configuration.php
index 940d8503da..bfdd704e35 100644
--- a/phpmyfaq/admin/configuration.php
+++ b/phpmyfaq/admin/configuration.php
@@ -58,6 +58,13 @@
     if (isset($editData['edit']['main.currentVersion'])) {
         unset($editData['edit']['main.currentVersion']); // don't update the version number
     }
+    if (isset($editData['edit']['records.attachmentsPath'])) {
+        $editData['edit']['records.attachmentsPath'] = str_replace(
+            '../',
+            '',
+            $editData['edit']['records.attachmentsPath']
+        );
+    }
     if (
         isset($editData['edit']['main.referenceURL']) &&