From bd427cdfd9698a199aca8f319bcb1eb0ff50fa02 Mon Sep 17 00:00:00 2001
From: JediKev <kevin@enhancesoft.com>
Date: Wed, 6 Nov 2019 15:20:08 -0600
Subject: [PATCH] issue: Format File Name

This formats the filename before using it in an error message to avoid the
chance of XSS.
---
 include/api.tickets.php     | 2 +-
 include/class.mailfetch.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/api.tickets.php b/include/api.tickets.php
index 4ff2fbdad..1cff0b424 100644
--- a/include/api.tickets.php
+++ b/include/api.tickets.php
@@ -93,7 +93,7 @@ class TicketApiController extends ApiController {
                 catch (FileUploadError $ex) {
                     $name = $file['name'];
                     $file = array();
-                    $file['error'] = $name . ': ' . $ex->getMessage();
+                    $file['error'] = Format::htmlchars($name) . ': ' . $ex->getMessage();
                 }
             }
             unset($file);
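Review bot: The escaping is applied only to `$name`, while `$ex->getMessage()` is still concatenated raw on the new line; if any FileUploadError message echoes attacker-influenced data (the upload's declared type or size, for instance), that part of the string reaches the same sink unescaped. Whether the message ever carries such data cannot be seen from this hunk, so the safer shape is to escape the whole assembled string, `$file['error'] = Format::htmlchars($name . ': ' . $ex->getMessage());`, or to leave the value raw here and escape at the rendering site. Escaping at storage time also means the stored error now contains HTML entities, so a consumer that escapes again on output will double-encode, and a non-HTML consumer of this API response receives entity-encoded text; a short comment such as `// error text is HTML-escaped here; do not escape again on output` would make that contract explicit. The identical change in include/class.mailfetch.php (the second hunk) has the same two concerns. The enclosing method in both files begins and ends outside the hunk.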
diff --git a/include/class.mailfetch.php b/include/class.mailfetch.php
index a2d44337c..dd7edd815 100644
--- a/include/class.mailfetch.php
+++ b/include/class.mailfetch.php
@@ -847,7 +847,7 @@ class MailFetcher {
                 catch (FileUploadError $ex) {
                     $name = $file['name'];
                     $file = array();
-                    $file['error'] = $name . ': ' . $ex->getMessage();
+                    $file['error'] = Format::htmlchars($name) . ': ' . $ex->getMessage();
                 }
 
                 $vars['attachments'][] = $file;
-- 
GitLab