<p>works in conjunction with <a href="https://github.com/opentechinstitute/luci-commotion/pull/29" class="issue-link" title="added validation and sanitizing functions for mitigating RCE vulnerabilities">opentechinstitute/luci-commotion#29</a></p>

<p>part of fix for <a href="https://github.com/opentechinstitute/luci-commotion-apps/issues/10" class="issue-link" title="RCE in add local applications form ‘ipaddr’ parameter (Critical)">opentechinstitute/luci-commotion-apps#10</a>, <a href="https://github.com/opentechinstitute/luci-commotion-apps/issues/11" class="issue-link" title="RCE in add local applications form ‘uuid’ parameter (Critical)">opentechinstitute/luci-commotion-apps#11</a>, <a href="https://github.com/opentechinstitute/luci-commotion-apps/issues/13" class="issue-link" title="Arbitrary file removal in add local applications form ‘uuid’ parameter (High)">opentechinstitute/luci-commotion-apps#13</a></p>

<hr>

<h4>You can merge this Pull Request by running</h4>
<pre>  git pull https://github.com/opentechinstitute/luci-commotion-apps fix-RCE</pre>
<p>Or view, comment on, or merge it at:</p>
<p>  <a href='https://github.com/opentechinstitute/luci-commotion-apps/pull/21'>https://github.com/opentechinstitute/luci-commotion-apps/pull/21</a></p>

<h4>Commit Summary</h4>
<ul>
  <li>added input validation and sanitizing for mitigating RCE vulnerabilities</li>
</ul>

<h4>File Changes</h4>
<ul>
  <li>
    <strong>M</strong>
    <a href="https://github.com/opentechinstitute/luci-commotion-apps/pull/21/files#diff-0">lua/luci/controller/commotion/apps_controller.lua</a>
    (11)
  </li>
</ul>

<h4>Patch Links:</h4>
<ul>
  <li><a href='https://github.com/opentechinstitute/luci-commotion-apps/pull/21.patch'>https://github.com/opentechinstitute/luci-commotion-apps/pull/21.patch</a></li>
  <li><a href='https://github.com/opentechinstitute/luci-commotion-apps/pull/21.diff'>https://github.com/opentechinstitute/luci-commotion-apps/pull/21.diff</a></li>
</ul>