Headline
CVE-2022-0379: update · microweber/microweber@f017cbf
Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11.
Permalink
Browse files
update
- Loading branch information
1 parent 7ef4339 commit f017cbfbd5c4f097d2c78c5e15b6c8a9da479d7b
Showing with 5 additions and 2 deletions.
- +0 −1 src/MicroweberPackages/Checkout/Http/Middleware/CheckoutV2.php
- +5 −1 src/MicroweberPackages/Checkout/routes/web.php
@@ -15,7 +15,6 @@ class CheckoutV2
*/
public function handle($request, Closure $next)
{
$checkCart = cart_get_items_count();
if (!$checkCart) {
@@ -3,7 +3,11 @@
// Private
Route::name(‘checkout.’)
// ->prefix(multilanguage_route_prefix(‘checkout’))
->middleware([\MicroweberPackages\App\Http\Middleware\VerifyCsrfToken::class, \MicroweberPackages\Checkout\Http\Middleware\CheckoutV2::class])
->middleware([
\MicroweberPackages\App\Http\Middleware\VerifyCsrfToken::class,
\MicroweberPackages\Checkout\Http\Middleware\CheckoutV2::class,
\MicroweberPackages\App\Http\Middleware\XSS::class
])
->namespace(‘\MicroweberPackages\Checkout\Http\Controllers’)
->group(function () {
0 comments on commit f017cbf
Please sign in to comment.