Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Fix add remove_* action as sensitive action
  • Loading branch information
eldy committed Sep 18, 2021
1 parent d760686 commit c3e8857
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion htdocs/main.inc.php
Expand Up @@ -473,7 +473,7 @@ function analyseVarsForSqlAndScriptsInjection(&$var, $type)
if (in_array(GETPOST('action', 'aZ09'), $arrayofactiontoforcetokencheck)) {
$sensitiveget = true;
}
if (preg_match('/^(classify|confirm_|delete|disable|enable|setremise)/', GETPOST('action', 'aZ09'))) {
if (preg_match('/^(classify|confirm_|delete|disable|enable|remove_|setremise)/', GETPOST('action', 'aZ09'))) {
$sensitiveget = true;
}

Expand Down

0 comments on commit c3e8857

Please sign in to comment.