Your comments

I just noticed that this is even mentioned in Mandiant's Remediation + Hardening Guide, on page 7:

https://www.connectwise.com/globalassets/media/asset-docs/ebook/screenconnect/connectwise-screenconnect-remediation-hardening-guide-1.pdf


● Enable X-Forwarded-For Request Header Logging. If a load balancer or reverse proxy server is placed in front of ScreenConnect server(s), ensure that the X-Forwarded-For field is enabled to capture the true external IP address associated with inbound requests.

Due to the recent CVE this definitely needs to be implemented ASAP. We use Cloudflare WAF to protect the web interface of ScreenConnect and without support for XFF headers, we don't see the real IP addresses in the audit logs. Furthermore, the IP restriction feature for the host and admin pages doesn't work, as it only sees the connecting IPs of Cloudflare's infrastructure.

It'd be best if you could make the proxy IP header a custom variable so it can be set to something other than X-Forwarded-For. For example, Cloudflare delivers the connecting IP in the header CF-Connecting-IP, which is more secure as it can't be spoofed:

https://developers.cloudflare.com/fundamentals/reference/http-request-headers/
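As an added illustration, not code from this thread or from ConnectWise, this shows how a server behind a WAF can resolve the real client address from a configurable header while only honouring that header when the request actually arrives from a trusted proxy, so a direct connection cannot spoof it; the proxy range, header name, allow-list and request data are constructed assumptions.

```python
import ipaddress

# Constructed assumptions (not ScreenConnect configuration): the proxy range the
# server trusts and the header that proxy uses to carry the real client address.
TRUSTED_PROXIES = [ipaddress.ip_network("203.0.113.0/24")]  # placeholder WAF egress range
CLIENT_IP_HEADER = "CF-Connecting-IP"                       # or "X-Forwarded-For"


def is_trusted_proxy(ip: str) -> bool:
    return any(ipaddress.ip_address(ip) in net for net in TRUSTED_PROXIES)


def client_ip(peer_ip: str, headers: dict, header_name: str = CLIENT_IP_HEADER) -> str:
    """Address to write to the audit log and to check against host/admin IP restrictions.

    The header is only honoured when the TCP peer is a trusted proxy; a client that
    connects directly (bypassing the WAF) could otherwise set it to anything.
    """
    if not is_trusted_proxy(peer_ip):
        return peer_ip
    lowered = {k.lower(): v for k, v in headers.items()}
    value = lowered.get(header_name.lower(), "")
    if not value:
        return peer_ip
    # X-Forwarded-For is a comma-separated chain to which each proxy appends the
    # address it saw. Walk from the right and skip our own trusted proxies so the
    # result is the first hop we did not control; CF-Connecting-IP carries one value.
    hops = [h.strip() for h in value.split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            ipaddress.ip_address(hop)
        except ValueError:
            return peer_ip  # malformed entry: fall back rather than trust it
        if not is_trusted_proxy(hop):
            return hop
    return peer_ip  # every hop was one of our own proxies


def is_allowed(ip: str, allow_list: list) -> bool:
    """IP restriction check that uses the resolved client address, not the proxy's."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(n) for n in allow_list)


def audit_line(peer_ip: str, headers: dict, path: str) -> str:
    """Audit-log record carrying both the resolved client and the raw peer address."""
    return f"client={client_ip(peer_ip, headers)} peer={peer_ip} path={path}"
```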