From ce5d99fe6b63af7cfcf34f631e03bd14487168b4 Mon Sep 17 00:00:00 2001
From: Jamie Cameron
Date: Mon, 25 Dec 2017 23:09:44 -0800
Subject: [PATCH] Escape uploaded path
---
 updown/upload.cgi | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/updown/upload.cgi b/updown/upload.cgi
index a190e8b99..ae74a17e1 100755
--- a/updown/upload.cgi
+++ b/updown/upload.cgi
@@ -70,7 +70,8 @@ for($i=0; defined($in{"upload$i"}); $i++) {
 else {
 $path = $in{'dir'};
 }
- print &text('upload_saving', "$path"),"
\n";
+ print &text('upload_saving',
+ "".&html_escape($path).""),"
\n";
 if (!&open_tempfile(FILE, ">$path", 1)) {
 &error(&text('upload_eopen', "$path", $!));
 }
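Review bot: The `upload_eopen` error two lines below the changed print still interpolates the raw `$path` into `&text`, so the value this commit escapes for the "saving" message can reach the error page unescaped, unless `&error` escapes its argument itself (its definition is not visible here). The same treatment would close that gap: `&error(&text('upload_eopen', &html_escape($path), $!));`, keeping whatever markup wraps the path. Note that `html_escape` only protects the HTML output; `$path` is built from `$in{'dir'}` and is passed unchanged to `&open_tempfile`, so any restriction on where an upload may be written has to be enforced elsewhere and is worth confirming. The enclosing `for` loop begins and ends outside this hunk.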