[VD:core] fix #3617 Filename Restriction Bypass Leading To Persistent…
… Cross-site Scripting Vulnerability
nao-pon committed Dec 20, 2023
1 parent fc011b1 commit bb8c8dc
Showing 1 changed file with 7 additions and 1 deletion.
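--- a/php/elFinderVolumeDriver.class.php
+++ b/php/elFinderVolumeDriver.class.php
@@ -4919,7 +4919,13 @@ static protected function mimetypeInternalDetect($path = '')
 $pinfo = pathinfo($path);
 $ext = isset($pinfo['extension']) ? strtolower($pinfo['extension']) : '';
 }
-return ($ext && isset(elFinderVolumeDriver::$mimetypes[$ext])) ? elFinderVolumeDriver::$mimetypes[$ext] : 'unknown';
+$res = ($ext && isset(elFinderVolumeDriver::$mimetypes[$ext])) ? elFinderVolumeDriver::$mimetypes[$ext] : 'unknown';
+// Recursive check if MIME type is unknown with multiple extensions
+if ($res === 'unknown' && strpos($pinfo['filename'], '.')) {
+return elFinderVolumeDriver::mimetypeInternalDetect($pinfo['filename']);
+} else {
+return $res;
+}
 }
 
 /**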
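Review bot: The new guard `strpos($pinfo['filename'], '.')` is tested for truthiness, so it is false both when the name has no dot and when the dot sits at offset 0; a remaining base name that begins with a dot therefore skips the recursive lookup and is still reported as 'unknown'. Comparing the result against `false` closes that gap, and the recursion still terminates because each pass strips one extension. Separately, `$pinfo` is only assigned inside the block that closes just above the changed lines; that block opens outside the hunk, but if it is conditional on `$path`, an empty path now reaches `$pinfo['filename']` with the variable unset. Suggested condition: `if ($res === 'unknown' && isset($pinfo['filename']) && strpos($pinfo['filename'], '.') !== false) {`.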
