xss: AJAX Paths

This mitigates a vulnerability reported by indevi0us where XSS is possible via some AJAX paths.
osTicket · Mar 8, 2023 · 343a2b4 · 343a2b4
1 parent 619ce0f
commit 343a2b4
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/include/class.osticket.php b/include/class.osticket.php
@@ -366,10 +366,10 @@ function get_db_input($index, $vars, $quote=true) {
 
     static function get_path_info() {
         if(isset($_SERVER['PATH_INFO']))
-            return $_SERVER['PATH_INFO'];
+            return htmlentities($_SERVER['PATH_INFO']);
 
         if(isset($_SERVER['ORIG_PATH_INFO']))
-            return $_SERVER['ORIG_PATH_INFO'];
+            return htmlentities($_SERVER['ORIG_PATH_INFO']);
 
         //TODO: conruct possible path info.