December 1st, 2004, 02:53 PM
IPCop Cross Site Scripting Vulnerability in "proxylog.dat"
Being a user of IPCop as a firewall/web filter for my home network I found info on an exploit for the latest version - 1.4.1 which has recently been released.
For full information and easy work around can be found here
A Cross Site Scripting vulnerability has been found in the IPCop web interface. The "proxylog.dat" page allows the IPCop administrators to review browsed websites that have been processed through Squid. By creating a specially crafted HTTP request, it is possible to inject script code into the "proxylog.dat" page. The variables "$url" and "$part" are not sanitized before being sent to the user. When the administrators view the page, the script code will be executed.