]> git.ipfire.org Git - people/ms/ipfire-2.x.git/commit
projects / people / ms / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 763efaf) | patch
mail.cgi: Validate email recipient
authorMichael Tremer <michael.tremer@ipfire.org>
Tue, 6 Sep 2022 11:58:22 +0000 (13:58 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Tue, 6 Sep 2022 11:58:22 +0000 (13:58 +0200)
commitb03e32c69e3521bf3f5beab2de0be8fb505211eb
tree24bc632bbeb9621e86e395e61ac4b2a140b2b83atree
parent763efaf672a27297e274fbe526a3c49ea96904eecommit | diff
mail.cgi: Validate email recipient

The email recipient was not correctly validated which allowed for some
stored cross-site scripting vulnerability.

Fixes: #12925 - JVN#15411362 Inquiry on vulnerability found in IPFire
Reported-by: Noriko Totsuka <vuls@jpcert.or.jp>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
html/cgi-bin/mail.cgi diff | blob | blame | history
langs/de/cgi-bin/de.pl diff | blob | blame | history
langs/en/cgi-bin/en.pl diff | blob | blame | history
Michael's tree of IPFire 2.x.