]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/commit
projects / people / pmueller / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cc826e8) | patch
mail.cgi: Validate email recipient
authorMichael Tremer <michael.tremer@ipfire.org>
Tue, 6 Sep 2022 11:58:22 +0000 (13:58 +0200)
committerPeter Müller <peter.mueller@ipfire.org>
Sun, 11 Sep 2022 08:11:56 +0000 (08:11 +0000)
commit7cb63527d96c4610171feb580c9fcd27c3af26b6
treef45ff764726135640daca6a6b649ea5128784f2atree | snapshot
parentcc826e8628141abce615699a8c10592233dc467ccommit | diff
mail.cgi: Validate email recipient

The email recipient was not correctly validated which allowed for some
stored cross-site scripting vulnerability.

Fixes: #12925 - JVN#15411362 Inquiry on vulnerability found in IPFire
Reported-by: Noriko Totsuka <vuls@jpcert.or.jp>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
html/cgi-bin/mail.cgi diff | blob | blame | history
langs/de/cgi-bin/de.pl diff | blob | blame | history
langs/en/cgi-bin/en.pl diff | blob | blame | history
Peter's tree of IPFire 2.x