From 7f48302f1a3cb3806a2b14f61372ae1c72e60de3 Mon Sep 17 00:00:00 2001
From: Starbeamrainbowlabs
Date: Thu, 2 Sep 2021 21:08:01 +0100
Subject: [PATCH] Bugfix: Fix XSS via action GET parameter. Ref CVE-2021-38601 Serously, don't make public GitHub repos before contacting me! https://github.com/hmaverickadams/CVE-2021-38601
---
 core/45-environment-deferred.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/core/45-environment-deferred.php b/core/45-environment-deferred.php
index 4aae2ff..ca80bde 100644
--- a/core/45-environment-deferred.php
+++ b/core/45-environment-deferred.php
@@ -28,4 +28,4 @@ if($env->is_history_revision)
 else if(isset($pageindex->{$env->page}))
 $env->page_filename .= $pageindex->{$env->page}->filename;
-$env->action = strtolower($_GET["action"]);
+$env->action = preg_replace("/[^a-z0-9\-_]/", "", strtolower($_GET["action"]));
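Review bot: The added line still hands `$_GET["action"]` directly to `strtolower()`, so a request that omits the parameter or supplies it as an array reaches a string function with a non-string value. Unless code outside this hunk already guarantees a string, that produces a notice or, on PHP 8, a TypeError instead of a clean fallback. I would read the value defensively first: `$action = $_GET["action"] ?? "";` followed by `$env->action = is_string($action) ? preg_replace("/[^a-z0-9\-_]/", "", strtolower($action)) : "";`. The allow-list stops markup arriving through this one parameter, but the place where `$env->action` was printed is not in the hunk, and it should also encode on output with `htmlspecialchars()` so the fix does not rest on input filtering alone. This is top-level script code that continues outside the hunk, so any default-action handling may sit elsewhere in the file.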