Reflected DOM-Based XSS vulnerability

- LogViewer Version: 4.6.x, 4.7.x

### Description:
Versions 4.6.x and 4.7.x are affected by a Reflected DOM-Based XSS vulnerability in the query log feature. Upon reviewing these versions, I found that the following code segments have not been escaped for XSS characters.
[4.6-bootstrap-3](https://github.com/ARCANEDEV/LogViewer/blob/v4.6/resources/views/bootstrap-3/show.blade.php)
[4.6-bootstrap-4](https://github.com/ARCANEDEV/LogViewer/blob/v4.6/resources/views/bootstrap-4/show.blade.php)
[4.7-bootstrap-3](https://github.com/ARCANEDEV/LogViewer/blob/v4.7/resources/views/bootstrap-3/show.blade.php)
[4.7-bootstrap-4](https://github.com/ARCANEDEV/LogViewer/blob/v4.7/resources/views/bootstrap-4/show.blade.php)
![log_viewer_code_xss](https://github.com/user-attachments/assets/3b71ff21-8705-4284-87ca-3e920c260357)

Therefore, users of these versions might be vulnerable to XSS attacks as shown in the poc image below
`https://REDACTED/log-viewer/logs/2024-08-07/all/search?query="><script>alert('Infected')</script>`
![poc](https://github.com/user-attachments/assets/327b30b3-be74-40aa-a1aa-77c5e2884053)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Reflected DOM-Based XSS vulnerability #467

Description:

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Reflected DOM-Based XSS vulnerability #467

Description

Description:

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions