mail.cgi: Validate email recipient

The email recipient was not correctly validated, which allowed for a
stored cross-site scripting vulnerability.

Fixes: #12925 - JVN#15411362 Inquiry on vulnerability found in IPFire
Reported-by: Noriko Totsuka <vuls@jpcert.or.jp>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer
2022-09-06 13:58:22 +02:00
committed by Peter Müller
parent cc826e8628
commit 7cb63527d9
3 changed files with 6 additions and 0 deletions

@@ -283,6 +283,10 @@ sub checkmailsettings {
$errormessage .= "$Lang::tr{'email invalid'} $Lang::tr{'email mailsender'}<br>";
}
}
# Check for a valid recipient
if (!&General::validemail($cgiparams{'txt_recipient'})) {
$errormessage .= $Lang::tr{'email recipient invalid'} . "<br>";
}
return $errormessage;
}
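
Review bot: The new check on $cgiparams{'txt_recipient'} runs unconditionally at the end of checkmailsettings, while the sender check just above it sits inside a nested block, so please confirm this is intended for the case where that block is skipped and the recipient field is empty. Because the issue being fixed is stored XSS, rejecting bad input here should also be paired with HTML-escaping the recipient wherever it is written back into a page, which would cover values that were saved before this check existed. As a style point, the sender message interpolates inside one string ("... $Lang::tr{'email mailsender'}<br>") and the new line concatenates with ". "<br>""; picking one form keeps the function consistent.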

@@ -963,6 +963,7 @@
'email mailrcpt' => 'E-Mail-Empfänger',
'email mailsender' => 'E-Mail-Absender',
'email mailuser' => 'Benutzername',
'email recipient invalid' => 'Ungültiger Emailempfänger',
'email server can not be empty' => 'E-Mail-Server darf nicht leer sein',
'email settings' => 'Mailversand',
'email subject' => 'IPFire Test-E-Mail',
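
Review bot: The new string 'Ungültiger Emailempfänger' spells the term differently from the neighbouring entries, which use 'E-Mail-Empfänger' and 'E-Mail-Absender'. Suggest 'Ungültiger E-Mail-Empfänger' so the error message matches the field label the user sees.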

@@ -1004,6 +1004,7 @@
'email mailrcpt' => 'Mail Recipient',
'email mailsender' => 'Mail Sender',
'email mailuser' => 'Username',
'email recipient invalid' => 'Invalid email recipient',
'email server can not be empty' => 'E-mail server can not be empty',
'email settings' => 'Mail Service',
'email subject' => 'IPFire Test Mail',
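
Review bot: The new message 'Invalid email recipient' does not match the label it refers to, which is 'Mail Recipient' two lines above, and this table already mixes 'Mail', 'E-mail' and now 'email'. Suggest 'Invalid mail recipient' to match the label. The commit adds the key to two language tables only, so it is worth confirming that any other translations fall back to the English string rather than rendering an empty error.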