Mirrors/sysPass
2
0
Fork 0
mirror of https://github.com/nuxsmin/sysPass.git synced 2026-03-13 11:57:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

* [FIX] Critical bugfix that prevents directory traversal in JS/CSS includes. Thanks to Jan Van for the notice

Browse Source
This commit is contained in:
nuxsmin
2016-12-24 13:02:48 +01:00
committed by Rubén Domínguez
parent f2f71e961b
commit b3f064a461
13 changed files with 56 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
css/css.php
View File

@@ -52,7 +52,7 @@ if (!$file) {
$Minify = new Minify();
$Minify->setType(Minify::FILETYPE_CSS);
$Minify->setBase(\SP\Init::$SERVERROOT . urldecode($base));
$Minify->setBase(urldecode($base));
$Minify->addFile(urldecode($file));
$Minify->getMinified();
}