Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Merge pull request #10286 from uberbrady/fix_bulk_audit_xss
Escape asset_tag attribute at controller level for bulk checkout
  • Loading branch information
snipe committed Nov 9, 2021
2 parents edf98cb + 3ea209a commit 9ed1442
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion app/Http/Controllers/Api/AssetsController.php
Expand Up @@ -910,7 +910,7 @@ public function audit(Request $request) {
}
}

return response()->json(Helper::formatStandardApiResponse('error', ['asset_tag'=> e($request->input('asset_tag'))], 'Asset with tag '.$request->input('asset_tag').' not found'));
return response()->json(Helper::formatStandardApiResponse('error', ['asset_tag'=> e($request->input('asset_tag'))], 'Asset with tag '.e($request->input('asset_tag')).' not found'));



Expand Down

0 comments on commit 9ed1442

Please sign in to comment.