StarMC/Astral-nook
StarMC/Astral-nook
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix security vulnerability in file manager allowing XSS attack

Browse source
This commit is contained in:
Dane Everitt 2019-06-21 21:04:42 -07:00
parent cd7ec731dc
commit 06ff76e2e9
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
7 changed files with 25 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

2
public/themes/pterodactyl/js/frontend/files/src/contextmenu.js
View file

@ -62,7 +62,7 @@ class ContextMenuClass {
if (Pterodactyl.permissions.createFiles) {
buildMenu += '<li class="divider"></li> \
<li data-action="file"><a href="/server/'+ Pterodactyl.server.uuidShort +'/files/add/?dir=' + newFilePath + '" class="text-muted"><i class="fa fa-fw fa-plus"></i> New File</a></li> \
<li data-action="file"><a href="/server/'+ Pterodactyl.server.uuidShort +'/files/add/?dir=' + $('<div>').text(newFilePath).html() + '" class="text-muted"><i class="fa fa-fw fa-plus"></i> New File</a></li> \
<li data-action="folder"><a tabindex="-1" href="#"><i class="fa fa-fw fa-folder"></i> New Folder</a></li>';
}