LimeSurvey: master c8becd05

Author Committer Branch Timestamp Parent
Abdulrahman Ahmad Al Bataineh GitHub master 2020-11-10 10:42:05 master 207bb0f0
Affected Issues  16817: bypassing file upload restrictions
Changeset

Fixed issue 16817: Missing MIME type check on survey import (#1638)

  • fix bypassing-file-upload-restrictions in import survey

  • using LSFileHelper to check mimetype & remove 'application/octet-stream'

  • add 'application/xml','application/zip','text/xml' to allow list mime types

Co-authored-by: a.albatayinah@psau.edu.sa <a.albatayinah@psau.edu.sa>

mod - application/controllers/admin/surveyadmin.php Diff File