[svn r21105] Fixed vulnerable get parameter: action - partial FS#4261

16 years ago · 0e4227493e
parent 844b620393
commit 0e4227493e
2 changed files with 3 additions and 3 deletions
--- a/main/inc/lib/fckeditor/editor/plugins/ImageManager/Classes/ImageEditor.php
+++ b/main/inc/lib/fckeditor/editor/plugins/ImageManager/Classes/ImageEditor.php
@ -430,7 +430,7 @@ class ImageEditor
 	{
 		$action = null;
 		if(isset($_GET['action']))			 
-			$action = $_GET['action'];
+			$action = str_replace('"','',$_GET['action']);
 		Return $action;
 	}

--- a/main/inc/lib/fckeditor/editor/plugins/ImageManager/editorFrame.php
+++ b/main/inc/lib/fckeditor/editor/plugins/ImageManager/editorFrame.php
@ -49,7 +49,7 @@
 <script type="text/javascript">
 // <![CDATA[

-	var processedAction = "<?php echo (isset($_GET['action']) ? $_GET['action'] : ''); ?>";
+	var processedAction = "<?php echo (isset($_GET['action']) ? str_replace('"','',$_GET['action']) : ''); ?>";

 	if (processedAction == 'replace' && parent.old)
 	{