From 473f66f28a8c246f2dbf9408ebe358e210bac4e6 Mon Sep 17 00:00:00 2001
From: elmahdiabbassi <emabbassi-ext@centreon.com>
Date: Thu, 27 Oct 2022 16:28:50 +0100
Subject: [PATCH] fix security vulnerabilities in view log filee

---
 www/include/eventLogs/viewLog.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/www/include/eventLogs/viewLog.php b/www/include/eventLogs/viewLog.php
index 99f63a161de..53b1ef43781 100644
--- a/www/include/eventLogs/viewLog.php
+++ b/www/include/eventLogs/viewLog.php
@@ -429,7 +429,7 @@ function log_4_engine_page(id, formu, num) {
     var _host = <?php echo !empty($user_params["log_filter_host"]) ? $user_params["log_filter_host"] : 'false'; ?>;
     var _service = <?php echo !empty($user_params["log_filter_svc"]) ? $user_params["log_filter_svc"] : 'false'; ?>;
     // Casting engine variable so that it can be properly interpreted in JS
-    var _engine = <?php echo (int) $getInputs['engine']; ?>;
+    var _engine = <?php echo htmlspecialchars((int)$getInputs['engine']); ?>;
 
     var _down = <?php echo $user_params["log_filter_host_down"]; ?>;
     <?php echo !empty($user_params["log_filter_notif"]) ? $user_params["log_filter_notif"] : 'false'; ?>;