From 40e3071d953eea02ec891c360899b787744a16d6 Mon Sep 17 00:00:00 2001 From: rjindael Date: Sat, 10 Jun 2023 23:49:32 -0700 Subject: [PATCH] Untrust user input for ZxcvbnDictionary --- src/Rules/ZxcvbnDictionary.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Rules/ZxcvbnDictionary.php b/src/Rules/ZxcvbnDictionary.php index 9d39912..2c6e3fe 100644 --- a/src/Rules/ZxcvbnDictionary.php +++ b/src/Rules/ZxcvbnDictionary.php @@ -16,7 +16,7 @@ class ZxcvbnDictionary implements Rule */ public function __construct($input1 = null, $input2 = null) { - $this->input = array_filter([$input1, $input2]); + $this->input = array_filter([base64_decode($input1), base64_decode($input2)]); } public static function handle(): string