From 084e36d0a0e4aa2809065f5f438d93dd5227534d Mon Sep 17 00:00:00 2001
From: FusionPBX
Date: Fri, 8 Jul 2022 18:38:13 -0600
Subject: [PATCH] Sanitize the menu link by restricting it to specific characters.
---
 resources/classes/menu.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/resources/classes/menu.php b/resources/classes/menu.php
index 1adae9bb0c..079a552684 100644
--- a/resources/classes/menu.php
+++ b/resources/classes/menu.php
@@ -17,7 +17,7 @@
 The Initial Developer of the Original Code is Mark J Crane
- Copyright (C) 2010 - 2020
+ Copyright (C) 2010 - 2022
 All Rights Reserved.
 Contributor(s):
@@ -420,6 +420,9 @@ if (!class_exists('menu')) {
 $menu_item_order = $menu['order'];
 $menu_item_description = $menu['desc'];
+ //sanitize the menu link
+ $menu_item_path = preg_replace('#[^a-zA-Z0-9_\-\.\&\=\?\/]#', '', $menu_item_path);
+ //check if the menu item exists and if it does set the row array
 $menu_item_exists = false;
 foreach ($menu_items as $item) {
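Review bot: The allow-list in the added `preg_replace` accepts `/` and `.` in any position, so a value that starts with `//` (protocol-relative, pointing off-site) or contains `../` passes through unchanged, while `:` is stripped, which would silently turn an absolute `https://` link into a broken relative one. Stripping also hides bad input from whoever maintains the menu; if off-site links are not meant to be supported here, validating and then skipping or logging the item is easier to audit, and a one-line follow-up such as `$menu_item_path = preg_replace('#^/{2,}#', '/', $menu_item_path);` would close the leading-`//` case. The assignment of `$menu_item_path` and the place where the link is rendered are outside this hunk, as are the start and end of the enclosing method, so output escaping at render time (`htmlspecialchars` with `ENT_QUOTES`) cannot be confirmed from here and is still needed because `&` remains allowed.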