composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-13 07:24:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

N°3412 - Command Injection vulnerability in the Setup Wizard - do not use escapeshellcmd before execution in Windows envt

Browse Source
This commit is contained in:
odain
2021-02-17 10:18:28 +01:00
parent bb877a244b
commit 82ba7f25b0
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
setup/setuputils.class.inc.php
View File

@@ -566,7 +566,7 @@ class SetupUtils
"$sGraphvizPath could not be executed: Please make sure it is installed and in the path");
}
if (!utils::IsWindows()){
if (!utils::IsWindowsEnvironment()){
$sGraphvizPath = escapeshellcmd($sGraphvizPath);
}
}