Skip to content
Permalink
Browse files
security fix: submitDomainCreation
  • Loading branch information
usmannasir committed Feb 8, 2020
1 parent 7b3029e commit 4611c327d6c741f9daf71b8e16a0315ba7a91300
Showing 1 changed file with 3 additions and 0 deletions.
@@ -261,6 +261,9 @@ def submitDomainCreation(self, userID=None, data=None):
else:
return ACLManager.loadErrorJson('createWebSiteStatus', 0)

if data['path'].find('..') > -1:
return ACLManager.loadErrorJson('createWebSiteStatus', 0)

if currentACL['admin'] != 1:
data['openBasedir'] = 1

0 comments on commit 4611c32

Please sign in to comment.