NussNougate/crafty-4
2
0
Fork 0
mirror of https://gitlab.com/crafty-controller/crafty-4.git synced 2025-01-19 09:45:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix issue on path transversal backups linux

Browse Source
This commit is contained in:
amcmanu3 2022-06-21 17:35:34 -04:00
parent 7074dd18fb
commit 97900cd283
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/classes/web/panel_handler.py
View File

@ -1520,7 +1520,7 @@ class PanelHandler(BaseHandler):
== self.helper.wtol_path(
os.path.join(self.helper.backup_path, server_obj.server_uuid)
)
and self.helper.wtol_path(self.controller.project_root) in backup_path
and backup_path.startswith(self.helper.wtol_path(self.controller.project_root))
):
self.redirect(
"/panel/error?error=Nefarious activities detected."