From e6b1ecb8516ec413449e06ef1f7236b58f6b4c44 Mon Sep 17 00:00:00 2001
From: Sebastiaan Janssen
Date: Thu, 5 Jan 2017 11:51:54 +0100
Subject: [PATCH] Better way of cleaning the file extension to prevent XSS attacks

---
 src/Umbraco.Web/Editors/MediaController.cs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/Umbraco.Web/Editors/MediaController.cs b/src/Umbraco.Web/Editors/MediaController.cs
index 7a7e349a3c..fb17d9462e 100644
--- a/src/Umbraco.Web/Editors/MediaController.cs
+++ b/src/Umbraco.Web/Editors/MediaController.cs
@@ -525,7 +525,8 @@ namespace Umbraco.Web.Editors
 foreach (var file in result.FileData)
 {
 var fileName = file.Headers.ContentDisposition.FileName.Trim(new[] { '\"' }).TrimEnd();
- var ext = fileName.Substring(fileName.LastIndexOf('.') + 1).ToLower();
+ var safeFileName = fileName.ToSafeFileName();
+ var ext = safeFileName.Substring(safeFileName.LastIndexOf('.') + 1).ToLower();
 if (UmbracoConfig.For.UmbracoSettings().Content.DisallowedUploadFiles.Contains(ext) == false)
 {
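Review bot: The new `var ext = ...ToLower()` line still lowercases with the current thread culture, so the comparison against `DisallowedUploadFiles` is culture-dependent and a blocklist entry can fail to match under cultures with non-trivial casing rules (the Turkish-I problem); use the invariant form for this security check, `var ext = safeFileName.Substring(safeFileName.LastIndexOf('.') + 1).ToLowerInvariant();`. The sanitised name is only used to derive `ext` here, while the original `fileName` stays in scope — if the rest of the method (which begins and ends outside this hunk) still uses `fileName` for the stored name or for anything echoed back to the browser, the XSS fix is incomplete there, so that should be confirmed. A name with no `.` at all also makes `LastIndexOf` return -1 and `ext` becomes the whole name, which is pre-existing behaviour but worth a `// no extension: ext is the whole name, relies on the disallowed list` comment or an explicit check. The hunk ends at the opening brace of the `if`, so the handling of the accepted file is not visible here.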