From ec7264c9462d447beedcd77c33c904c1c066f834 Mon Sep 17 00:00:00 2001
From: Usman Nasir
Date: Mon, 30 Aug 2021 12:56:26 +0500
Subject: [PATCH] =?UTF-8?q?securityfix:=20CP-30:=20Manage=20Website=20?= =?UTF-8?q?=E2=80=93=20Compose?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 emailMarketing/emailMarketingManager.py | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/emailMarketing/emailMarketingManager.py b/emailMarketing/emailMarketingManager.py
index e1adc45e4..c5c623a30 100755
--- a/emailMarketing/emailMarketingManager.py
+++ b/emailMarketing/emailMarketingManager.py
@@ -690,6 +690,9 @@ class EmailMarketingManager:
 replyTo = data['replyTo']
 emailMessage = data['emailMessage']
+ if ACLManager.CheckRegEx('[\w\d\s]+$', name) == 0:
+ return ACLManager.loadErrorJson()
+ admin = Administrator.objects.get(pk=userID)
 newTemplate = EmailTemplate(owner=admin, name=name.replace(' ', ''), subject=subject, fromName=fromName, fromEmail=fromEmail, replyTo=replyTo, emailMessage=emailMessage)
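Review bot: The pattern in the added `ACLManager.CheckRegEx('[\w\d\s]+$', name)` check is looser than the `name.replace(' ', '')` in the `EmailTemplate(...)` call assumes: `\s` also admits tabs, newlines and other whitespace that the replace does not strip, `$` still matches before a trailing newline, and `\w` covers Unicode word characters in Python 3. There is also no `^`, so the check covers the whole value only if `CheckRegEx` (not shown here) applies the pattern with a start-anchored match; with a search-style match, any name that merely ends in a word character would pass. I would spell the allow-list out and anchor both ends in a raw string, e.g. `if ACLManager.CheckRegEx(r'^[A-Za-z0-9_ ]+\Z', name) == 0:`, which also avoids the invalid-escape warning that the non-raw literal triggers on current Python versions. The enclosing method starts and ends outside the hunk, so how `name` is used after the template is created is not visible from here.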