firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

[KVE-2022-0193] 그누보드(영카트) SSRF & Business Logic Bug 취약점 수정

Browse Source
This commit is contained in:
thisgun
2022-06-17 17:11:05 +09:00
parent d4f4612b22
commit 22ea3d39c1
7 changed files with 22 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
shop/inicis/libs/HttpClient.php
View File

@ -36,7 +36,7 @@ class HttpClient {
// [scheme] => https
// [host] => fcstdpay.inicis.com || stdpay.inicis.com || ksstdpay.inicis.com
// [path] => /api/payAuth
if (preg_match("#\.inicis\.com$#", $url_data["host"]) == false) {
if (! is_inicis_url_return($url)) {
return false;
}