From 2c7d7e404452b987f51e091a3a9d384316c4fd60 Mon Sep 17 00:00:00 2001
From: "alejandro.campos@artica.es" <alejandro.campos@artica.es>
Date: Thu, 3 Nov 2022 13:53:10 +0100
Subject: [PATCH] fixed vulnerability in load of help iframes

---
 pandora_console/include/class/HelpFeedBack.class.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/pandora_console/include/class/HelpFeedBack.class.php b/pandora_console/include/class/HelpFeedBack.class.php
index 7b035dd74e1..bfbf4adc4e7 100644
--- a/pandora_console/include/class/HelpFeedBack.class.php
+++ b/pandora_console/include/class/HelpFeedBack.class.php
@@ -94,7 +94,8 @@ public function run()
         ui_require_css_file('help_feedback');
 
         $help_url = get_parameter('b', null);
-        $help_url = base64_decode($help_url);
+        $help_url = io_safe_input(base64_decode($help_url));
+
         if ($help_url === null) {
             echo __('Page not found');
         } else {