Skip to content

Commit

Permalink
Minor XSS Issue
Browse files Browse the repository at this point in the history 
https://www.huntr.dev/bounties/1624825505923-FalconChristmas/fpp/
  • Loading branch information
@ghormann
ghormann committed Jul 2, 2021
1 parent 9e89ae3 commit 24adba4
Showing 1 changed file with 5 additions and 2 deletions.
7 changes: 5 additions & 2 deletions www/pluginconfig.php
View file
@@ -1,11 +1,14 @@
<?
$pluginSettings = array();

$pluginConfigFile = $settings['configDirectory'] . "/plugin." . $_GET['plugin'];
$pluginName = htmlspecialchars($_GET['plugin'], ENT_QUOTES, 'UTF-8');

$pluginConfigFile = $settings['configDirectory'] . "/plugin." . $pluginName;
echo ($pluginConfigFile);
if (file_exists($pluginConfigFile))
$pluginSettings = parse_ini_file($pluginConfigFile);

$pluginSettings['plugin'] = $_GET['plugin'];
$pluginSettings['plugin'] = $pluginName;

if (!isset($skipJSsettings))
{
Expand Down

0 comments on commit 24adba4

Please sign in to comment.