Findings (validated by xAI Grok security review)
Stored XSS via unescaped DB output (MEDIUM)
72 instances in mikrotik.php where $row values are printed directly into HTML without html_escape(). Examples:
- mikrotik.php:471-476: RxBytes, TxBytes, RxPackets, TxPackets, RxErrors, TxErrors
- mikrotik.php:770-773: BytesIn, BytesOut, PacketsIn, PacketsOut
The values at the locations above are numeric and pass through mikrotik_memory(), so they are not exploitable on their own; however, any string-type DB column printed without escaping is an XSS vector, because an attacker who can write to that column (e.g. a device name or comment) gets their markup rendered in every viewer's browser.
Recommended fix
Audit all print statements outputting DB values and add html_escape() where the value could contain user-controlled strings.
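As an added example (not code from this finding or from the mikrotik plugin), a small Python helper for the first step of the fix: it scans print/echo statements for $row[...] references and reports which are raw, which only pass through a numeric formatter such as mikrotik_memory(), and which are already wrapped in html_escape(). The PHP lines it scans are constructed samples in the plugin's style, not the real mikrotik.php.

```python
import re

# Constructed sample lines in the style of a Cacti plugin; NOT the real
# mikrotik.php source. Line 1 is the numeric pass-through case from the finding.
SAMPLE_PHP = """\
print '<td>' . mikrotik_memory($row['RxBytes']) . '</td>';
print '<td>' . $row['RxPackets'] . '</td>';
print '<td>' . html_escape($row['Name']) . '</td>';
print "<td>" . $row['Comment'] . "</td>";
print '<td>' . html_escape($row['Address']) . ' ' . $row['Interface'] . '</td>';
$count = $row['TxErrors'];
"""

# Formatters whose output is safe only because the column is numeric;
# they do not escape strings, so they are reported separately for review.
NUMERIC_FORMATTERS = ('mikrotik_memory',)

ROW_REF = re.compile(r"""\$row\[(['"])([^'"]+)\1\]""")
PRINT_STMT = re.compile(r"^\s*(print|echo)\b")
WRAPPER = re.compile(r"(\w+)\s*\(\s*$")


def classify_ref(line, start):
    """Classify the $row[...] reference starting at index `start` by the
    function call (if any) that immediately wraps it."""
    m = WRAPPER.search(line[:start])
    if not m:
        return 'raw'
    if m.group(1) == 'html_escape':
        return 'escaped'
    if m.group(1) in NUMERIC_FORMATTERS:
        return 'numeric-formatter'
    return 'other-function'


def audit(php_source):
    """Return (line number, column name, kind) for every $row reference
    inside a single-line print/echo statement that is not html_escape()d.
    Multi-line statements are not joined; review those by hand."""
    findings = []
    for lineno, line in enumerate(php_source.splitlines(), 1):
        if not PRINT_STMT.match(line):
            continue
        for m in ROW_REF.finditer(line):
            kind = classify_ref(line, m.start())
            if kind != 'escaped':
                findings.append((lineno, m.group(2), kind))
    return findings


if __name__ == '__main__':
    for lineno, column, kind in audit(SAMPLE_PHP):
        print(f"line {lineno}: $row['{column}'] output as {kind}")
```

Entries reported as raw need html_escape(); numeric-formatter entries only need a check that the column really is numeric in the schema.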