MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: [security] Correctly sanitize search string in Galaxy view 

- As reported by Dawid Czarnecki
pull/5615/head
mokaddem 2020-02-10 14:35:09 +01:00
parent 8e2da13e0e
commit 3d982d92fd
No known key found for this signature in database
GPG Key ID: 164C473F627A06FA
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/View/Galaxies/view.ctp
View File

@ -41,7 +41,7 @@ $(document).ready(function () {
$uri = "/galaxy_clusters/index/" . $galaxy['Galaxy']['id'];
if (isset($passedArgsArray)) $uri .= '/searchall:' . $passedArgsArray['all'];
?>
$.get("<?php echo $uri;?>", function(data) {
$.get("<?php echo h($uri);?>", function(data) {
$("#clusters_div").html(data);
});