X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/kivitendo-erp.git/blobdiff_plain/44472690fcd26f0c9bd21d7e9d697dbf77c55275..ab96e204a2beec2302b1850df50f45a6e67a13c4:/SL/Form.pm

diff --git a/SL/Form.pm b/SL/Form.pm
index 6e60b76c4..978a01596 100644
--- a/SL/Form.pm
+++ b/SL/Form.pm
@@ -690,7 +690,9 @@ sub redirect {
 
   if ($self->{callback}) {
 
-    ($script, $argv) = split(/\?/, $self->{callback});
+    ($script, $argv) = split(/\?/, $self->{callback}, 2);
+    $script =~ s|.*/||;
+    $script =~ s|[^a-zA-Z_\.]||g;
     exec("perl", "$script", $argv);
 
   } else {