• Closed
• 28 Dec 2020
• Medium
• Build: Beta6-Dev
•   # 31517

• Categories:
• com_media
• Libraries

ceford
28 Nov 2020

Steps to reproduce the issue

Look at code: libraries/Helper/MediaHelper.php line 300

$xss_check = file_get_contents($file['tmp_name'], false, null, -1, 256);

It makes no sense to me. It reads in the last character so none of the following tag tests can ever find a tag.

If terminated after the file name it can successfully reject a bad svg file.

$xss_check = file_get_contents($file['tmp_name']);//, false, null, -1, 256);

Can someone explain?

Expected result

Actual result

System information (as much as possible)

Additional comments

ceford - open - 28 Nov 2020

joomla-cms-bot - labeled - 28 Nov 2020

ceford - change - 28 Nov 2020

The description was changed

ceford - edited - 28 Nov 2020

bembelimen - change - 28 Dec 2020

Status	New	⇒	Closed
Closed_Date	0000-00-00 00:00:00	⇒	2020-12-28 01:00:33
Closed_By		⇒	bembelimen

bembelimen - close - 28 Dec 2020

Add a Comment

• Older
• Newer