From b609e58b50c4a66573b85a1f2cee2ed41f3a9807 Mon Sep 17 00:00:00 2001
From: Ayham Al-Ali <20037329+AyhamAl-Ali@users.noreply.github.com>
Date: Sun, 2 Apr 2023 15:15:28 +0300
Subject: [PATCH] =?UTF-8?q?=E2=9A=92=20Fix=20Self-XSS=20#131?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 js/script.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/js/script.js b/js/script.js
index 9454a5f..13db42f 100644
--- a/js/script.js
+++ b/js/script.js
@@ -115,7 +115,7 @@ const fixedEncodeURIComponent = function (str) {
 }
 
 const rsg = {
-    ip: query.get('ip') || localStorage.getItem('ip') || '10.10.10.10',
+    ip: (query.get('ip') || localStorage.getItem('ip') || '10.10.10.10').replace(/[^a-zA-Z0-9.\-]/g, ''),
     port: query.get('port') || localStorage.getItem('port') || 9001,
     payload: query.get('payload') || localStorage.getItem('payload') || 'windows/x64/meterpreter/reverse_tcp',
     payload: query.get('type') || localStorage.getItem('type') || 'cmd-curl',