config.dat: Fixes bug 13890

commit c431d86ab882f1305f831a37c04491a7ae771e28 Author: Adolf Belka <adolf.belka@ipfire.org> Date: Thu Sep 25 13:12:48 2025 +0200 config.dat: Fixes bug 13890 Fixes: bug 13890 - config.dat REMOTELOG_ADDR Stored Cross-Site Scripting Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
2026-04-09 18:45:54 +02:00 · 2025-10-09 17:28:19 +00:00
parent 3a815d1814
commit e44245f5fb
1 changed files with 20 additions and 9 deletions
--- a/html/cgi-bin/logs.cgi/config.dat
+++ b/html/cgi-bin/logs.cgi/config.dat
@@ -1,13 +1,23 @@
 #!/usr/bin/perl
-#
+###############################################################################
-# IPFire CGIs
+#                                                                             #
-#
+# IPFire.org - A linux based firewall                                         #
-# This code is distributed under the terms of the GPL
+# Copyright (C) 2007-2025  IPFire Team  <info@ipfire.org>                     #
-#
+#                                                                             #
-# (c) The IPFire Team
+# This program is free software: you can redistribute it and/or modify        #
-#
+# it under the terms of the GNU General Public License as published by        #
-# $Id: config.dat,v 1.2.2.10 2005/06/14 12:32:07 eoberlander Exp $
+# the Free Software Foundation, either version 3 of the License, or           #
-#
+# (at your option) any later version.                                         #
 #                                                                             #
 # This program is distributed in the hope that it will be useful,             #
 # but WITHOUT ANY WARRANTY; without even the implied warranty of              #
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
 # GNU General Public License for more details.                                #
 #                                                                             #
 # You should have received a copy of the GNU General Public License           #
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
 #                                                                             #
 ###############################################################################
 use strict;
@@ -143,6 +153,7 @@ END
 &Header::closebox();
 &Header::openbox('100%', 'left', $Lang::tr{'remote logging'});
 $logsettings{'REMOTELOG_ADDR'} = &Header::escape($logsettings{'REMOTELOG_ADDR'});
 print <<END
 <table width='100%'>
 <tr>