N°9230 - Sanitize dashboard_id parameter in "revert_dashboard" operation of AJAX render function (#828)

2026-04-23 10:38:45 +02:00 · 2026-03-05 15:55:28 +01:00
parent 929b8b9eca
commit 104dd1970f
1 changed files with 1 additions and 1 deletions
--- a/pages/ajax.render.php
+++ b/pages/ajax.render.php
@@ -998,7 +998,7 @@ JS
 				break;

 			case 'revert_dashboard':
-				$sDashboardId = utils::ReadParam('dashboard_id', '', false, 'raw_data');
+				$sDashboardId = utils::ReadParam('dashboard_id', '', false, utils::ENUM_SANITIZATION_FILTER_CONTEXT_PARAM);
 				$sReloadURL = utils::ReadParam('reload_url', '', false, utils::ENUM_SANITIZATION_FILTER_URL);
 				appUserPreferences::UnsetPref('display_original_dashboard_'.$sDashboardId);
 				$oDashboard = new RuntimeDashboard($sDashboardId);