diff --git a/html/cgi-bin/qos.cgi b/html/cgi-bin/qos.cgi index f3bbd1bf4..8400bafdf 100644 --- a/html/cgi-bin/qos.cgi +++ b/html/cgi-bin/qos.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2022 IPFire Team # +# Copyright (C) 2007-2025 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -652,7 +652,7 @@ if ($errormessage) { print < - +
END ; if ( $message ne "" ) { @@ -671,9 +671,11 @@ END END ; if (($qossettings{'OUT_SPD'} ne '') && ($qossettings{'INC_SPD'} ne '')) { + $qossettings{'OUT_SPD'} = &Header::escape($qossettings{'OUT_SPD'}); + $qossettings{'INC_SPD'} = &Header::escape($qossettings{'INC_SPD'}); print < -
+
 
$Lang::tr{'downlink speed'}: $qossettings{'INC_SPD'} @@ -683,9 +685,11 @@ END ; } if (($qossettings{'DEFCLASS_OUT'} ne '') && ($qossettings{'DEFCLASS_INC'} ne '')) { + $qossettings{'DEFCLASS_OUT'} = &Header::escape($qossettings{'DEFCLASS_OUT'}); + $qossettings{'DEFCLASS_INC'} = &Header::escape($qossettings{'DEFCLASS_INC'}); print < - +
$Lang::tr{'downlink std class'}: $qossettings{'DEFCLASS_INC'} @@ -695,7 +699,7 @@ END
- +
@@ -740,7 +744,7 @@ sub changedefclasses { &Header::openbox('100%', 'center', $Lang::tr{'std classes'}); print < - +
$Lang::tr{'no filter pass'}
$Lang::tr{'download'}: - +
@@ -843,7 +847,7 @@ sub parentclass { &Header::openbox('100%', 'center', $Lang::tr{'parentclass'}); print < -
$Lang::tr{'down and up speed'}
+
END ; if ( $message ne "" ) { @@ -936,7 +940,7 @@ sub level7rule { &Header::openbox('100%', 'center', $Lang::tr{'Level7 Rule'}); print < -
+
END ; if ( $message ne "" ) { @@ -982,7 +986,7 @@ sub portrule { &Header::openbox('100%', 'center', $Lang::tr{'Add Port Rule'}); print < -
+
$Lang::tr{'enter data'}
$Lang::tr{'protocol'}: +
END ; if ( $message ne "" ) {