From 63cc1ccacd1908292854dd8ca35d6fb5009ddbbb Mon Sep 17 00:00:00 2001
From: Michael Gapczynski <GapczynskiM@gmail.com>
Date: Wed, 9 May 2012 09:23:19 -0400
Subject: [PATCH] Sanitize group in togglegroups

---
 settings/ajax/togglegroups.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/settings/ajax/togglegroups.php b/settings/ajax/togglegroups.php
index 3ee3239dd89..f76e22f51d2 100644
--- a/settings/ajax/togglegroups.php
+++ b/settings/ajax/togglegroups.php
@@ -10,7 +10,7 @@ $error = "add user to";
 $action = "add";
 
 $username = $_POST["username"];
-$group = $_POST["group"];
+$group = htmlentities($_POST["group"]);
 
 if(!OC_Group::groupExists($group)){
 	OC_Group::createGroup($group);
-- 
GitLab