1berry/webmin
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Escape username in error

Browse Source
This commit is contained in:
Jamie Cameron 2023-12-23 08:42:59 -08:00
parent c136c380be
commit 83de10b7c2
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cron/save_cron.cgi
View File

@ -22,12 +22,12 @@ else {
# Check if this user is allowed to execute cron jobs
if (&supports_users()) {
&can_use_cron($in{'user'}) ||
&error(&text('save_eallow', $in{'user'}));
&error(&text('save_eallow', &html_escape($in{'user'})));
}
# Check module access control
&can_edit_user(\%access, $in{'user'}) ||
&error(&text('save_ecannot', $in{'user'}));
&error(&text('save_ecannot', &html_escape($in{'user'})));
@files = &unique((map { $_->{'file'} } @jobs),
"$config{'cron_dir'}/$in{'user'}");
@ -42,7 +42,7 @@ if (&supports_users()) {
&error($text{'save_euser'});
}
if (!defined(getpwnam($in{'user'}))) {
&error(&text('save_euser2', $in{'user'}));
&error(&text('save_euser2', &html_escape($in{'user'})));
}
}
&parse_times_input($job, \%in);