From 9ea83bf875d1a0aa60beb8c69d620a15f3499335 Mon Sep 17 00:00:00 2001
From: Oleg Sh
Date: Sat, 21 May 2022 16:09:08 +0200
Subject: [PATCH] Fix reflected xss. Thanks to Dennis.
---
 src/home.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/home.php b/src/home.php
index bb2a63e..92464d1 100755
--- a/src/home.php
+++ b/src/home.php
@@ -6,7 +6,7 @@ $graphName = ""; if (isset($_GET["graph"])) {
- $graphId = $_GET["graph"];
+ $graphId = preg_replace( '/[\W]/', '', $_GET["graph"]);
 $graphSampleListFile = $g_config['graphSavePath'] . $g_config['graphExamplesFile'];
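Review bot: The new `$graphId` assignment filters characters but never checks the type of `$_GET["graph"]`. `preg_replace()` accepts an array subject and returns an array, and returns `null` on a PCRE error, so `$graphId` can still end up a non-string when the parameter arrives as an array. Tightening the guard to `if (isset($_GET["graph"]) && is_string($_GET["graph"]))` keeps the value a string; the brackets in `'/[\W]/'` are redundant and `'/\W/'` reads more clearly. Stripping at input protects only the code paths that read `$graphId`. The place where the value is written into the page is outside this hunk, so it is worth confirming that it encodes with `htmlspecialchars($graphId, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, which would remain correct even if the filter is later loosened. The `if` block continues past the end of the hunk.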