Fix ESCAPE issues in IP reputation and user manager
- Added -- separator to grep/awk commands in lib/ip-reputation.sh (4 fixes) - Added -- separator to grep commands in lib/user-manager.sh (2 fixes) - Prevents filename injection attacks 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
cschantz
+2
-2
@@ -124,8 +124,8 @@ get_cpanel_user_info() {
|
||||
fi
|
||||
|
||||
# Parse cPanel user file
|
||||
local primary_domain=$(grep "^DNS=" "$user_file" | cut -d= -f2)
|
||||
local email=$(grep "^CONTACTEMAIL=" "$user_file" | cut -d= -f2)
|
||||
local primary_domain=$(grep "^DNS=" -- "$user_file" | cut -d= -f2)
|
||||
local email=$(grep "^CONTACTEMAIL=" -- "$user_file" | cut -d= -f2)
|
||||
|
||||
# cPanel doesn't store HOMEDIR in user file - it's always /home/username
|
||||
local home_dir="/home/${username}"
|
||||
|
||||
Reference in New Issue
Block a user