Skip to content

Commit

Permalink
Merge pull request from GHSA-hmxj-vrfr-jc65
Browse files Browse the repository at this point in the history
  • Loading branch information
Judx authored Dec 21, 2023
1 parent a42a85b commit 66eaec5
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions app/code/core/Mage/Core/Model/Input/Filter/MaliciousCode.php
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,8 @@ class Mage_Core_Model_Input_Filter_MaliciousCode implements Zend_Filter_Interfac
'/(ondblclick|onclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|onload|onunload|onerror|onanimationstart|onfocus|onloadstart|ontoggle)\s*=[^>]*(?=\>)/Uis',
//tags
'/<\/?(script|meta|link|frame|iframe|object).*>/Uis',
//scripts
'/<\?\s*?(php|=).*>/Uis',
//base64 usage
'/src\s*=[^<]*base64[^<]*(?=\>)/Uis',
//data attribute
Expand Down

0 comments on commit 66eaec5

Please sign in to comment.