Encode download parameter before use. Fixes #9508

(cherry picked from commit ce77c104eee92cfbbc0d84980e60899295dadeac)
author: jim-p <jimp@netgate.com> 2019-05-09 15:17:35 -0400
committer: jim-p <jimp@netgate.com> 2019-05-09 15:17:59 -0400
commit: 48ab49abab178fc03c8b4b437994280272172781 (patch)
tree: 964b9d8d99ac422c9562d01c92f8a7facb462461
parent: 5b5bb2483cd955084809e877d56e620fe433dd1d (diff)
download: pfsense-48ab49abab178fc03c8b4b437994280272172781.zip
pfsense-48ab49abab178fc03c8b4b437994280272172781.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/usr/local/www/services_acb.php b/src/usr/local/www/services_acb.php
index c1ed112..56bfc6d 100644
--- a/src/usr/local/www/services_acb.php
+++ b/src/usr/local/www/services_acb.php
@@ -373,7 +373,7 @@ if ($_REQUEST['download']) {
 $tab_array[1] = array("Restore", $active, "/services_acb.php");
 
 if ($_REQUEST['download']) {
-	$tab_array[] = array("Revision", true, "/services_acb.php?download={$_REQUEST['download']}");
+	$tab_array[] = array("Revision", true, "/services_acb.php?download=" . htmlspecialchars($_REQUEST['download']));
 }
 
 $tab_array[] = array("Backup now", false, "/services_acb_backup.php");
author	jim-p <jimp@netgate.com>	2019-05-09 15:17:35 -0400
committer	jim-p <jimp@netgate.com>	2019-05-09 15:17:59 -0400
commit	48ab49abab178fc03c8b4b437994280272172781 (patch)
tree	964b9d8d99ac422c9562d01c92f8a7facb462461
parent	5b5bb2483cd955084809e877d56e620fe433dd1d (diff)
download	pfsense-48ab49abab178fc03c8b4b437994280272172781.zip pfsense-48ab49abab178fc03c8b4b437994280272172781.tar.gz