mail.cgi: Fixes bug 13891
authorAdolf Belka <adolf.belka@ipfire.org>
Thu, 25 Sep 2025 11:12:49 +0000 (13:12 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Thu, 2 Oct 2025 16:55:22 +0000 (16:55 +0000)
Fixes: bug 13891 - mail.cgi txt_mailuser txt_mailpass Stored Cross-Site Scripting
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
html/cgi-bin/mail.cgi

index 0ed3dfeca9123abd01ad0d9425972276921002e7..aae4abc31e140d2f6cd2fa2dd0646415a1e54a66 100644 (file)
@@ -2,7 +2,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2020  IPFire Team  <info@ipfire.org>                     #
+# Copyright (C) 2007-2025  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -102,8 +102,8 @@ if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}"){ #SaveButton on configsite
                $mail{'RECIPIENT'}              = $cgiparams{'txt_recipient'};
 
                if ($cgiparams{'txt_mailuser'} && $cgiparams{'txt_mailpass'}) {
-                       $auth{'AUTHNAME'}               = $cgiparams{'txt_mailuser'};
-                       $auth{'AUTHPASS'}               = $cgiparams{'txt_mailpass'};
+                       $auth{'AUTHNAME'}               = &Header::escape($cgiparams{'txt_mailuser'});
+                       $auth{'AUTHPASS'}               = &Header::escape($cgiparams{'txt_mailpass'});
                        $auth{'AUTHHOST'}               = $cgiparams{'txt_mailserver'};
                        print TXT1 "$auth{'AUTHNAME'}|$auth{'AUTHHOST'}:$auth{'AUTHPASS'}\n";
                }
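Review bot: Escaping on the two added lines happens at storage time, so `print TXT1` writes the encoded strings into the auth record rather than the credentials the administrator typed. Assuming `Header::escape` HTML-encodes its argument, a password containing `&`, `<`, `>` or a quote would be stored in altered form and would presumably no longer authenticate against the mail server. It would be more robust to keep `$auth{'AUTHPASS'} = $cgiparams{'txt_mailpass'};` (likewise AUTHNAME) and call `&Header::escape(...)` where the values are printed back into the HTML form, which lies outside this hunk. `txt_mailserver` goes into the same record unescaped, and none of the three fields is visibly checked for `|`, `:` or a newline, which are the record's delimiters. Validation may exist earlier in the save branch, which starts before the hunk.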