Fix url generator XSS (#12507)

2024-09-21 10:28:13 +00:00 · 2021-02-08 02:43:34 +01:00 · 2021-02-08 02:43:34 +01:00 · ee1606d799
commit ee1606d799
parent 3d02e76e0e
1 changed files with 1 additions and 1 deletions
--- a/LibreNMS/Util/Url.php
+++ b/LibreNMS/Util/Url.php
@ -294,7 +294,7 @@ class Url
        $url = empty($vars) ? '' : $prefix;
        foreach ($vars as $var => $value) {
            if ($value == '0' || $value != '' && ! Str::contains($var, 'opt') && ! is_numeric($var)) {
-                $url .= $var . '=' . urlencode($value) . '/';
+                $url .= urlencode($var) . '=' . urlencode($value) . '/';
            }
        }