Cavemanon/piratepoet
8
Fork 0
Code Pull Requests Actions Releases 16 Activity

Sanitise post id before constructing URL

Browse Source 
Fixes: https://github.com/mailpoet/mailpoet/security/code-scanning/17
This commit is contained in:
Pavel Dohnal
2024-12-04 10:10:28 +01:00
committed by Oluwaseun Olorunsola
parent ca75489ab0
commit d6415e07e1
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
mailpoet/assets/js/src/newsletters/send.tsx
View File

@@ -874,7 +874,7 @@ class NewsletterSendComponent extends Component<
MailPoet.FeaturesController.isSupported( MailPoet.FeaturesController.isSupported(
'gutenberg_email_editor', 'gutenberg_email_editor',
) && wpPostId ) && wpPostId
? MailPoet.getBlockEmailEditorUrl(wpPostId) ? MailPoet.getBlockEmailEditorUrl(Number(wpPostId))
: `?page=mailpoet-newsletter-editor&id=${Number( : `?page=mailpoet-newsletter-editor&id=${Number(
this.props.params.id, this.props.params.id,
)}` )}`