Bug #16339: Captive Portal ``backwardsyncpassword`` value not sanitized in status output - pfSense - pfSense bugtracker

Actions

Copy link

Bug #16339

closed

Captive Portal ``backwardsyncpassword`` value not sanitized in status output

Added by Jim Pingle about 2 months ago. Updated about 1 month ago.

Status:

Resolved

Priority:

Normal

Assignee:

Jim Pingle

Category:

Diagnostics

Target version:

2.9.0

Start date:

Due date:

% Done:

100%

Estimated time:

Plus Target Version:

25.11

Release Notes:

Default

Affected Version:

Affected Architecture:

Description

The value of the backwardsyncpassword is not sanitized in the config.xml copy included in the output generated by status.php for TAC.

Actions

Copy link

Updated by Jim Pingle about 2 months ago

Status changed from In Progress to Feedback
% Done changed from 0 to 100

Applied in changeset 22a5e18fbfdabc5b9c7324302217a5d56208fcd1.

Actions

Copy link

Updated by Alhusein Zawi about 1 month ago

Status changed from Feedback to Resolved

Backup file: <radmac_secret>test123345</radmac_secret>

config.xml of status.php: <radmac_secret>xxxxx</radmac_secret>

25.11.a.20250730.0600

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #16339

Captive Portal ``backwardsyncpassword`` value not sanitized in status output

Updated by Jim Pingle about 2 months ago

Updated by Alhusein Zawi about 1 month ago