4 matches found
CVE-2020-19204
An authenticated Stored Cross-Site Scriptiong XSS vulnerability exists in Lightning Wire Labs IPFire 2.21 x8664 - Core Update 130 in the "routing.cgi" Routing Table Entries via the "Remark" text box or "remark" parameter. It allows an authenticated WebGUI user to execute Stored Cross-site Scripti...
CVE-2020-19204
The CVE-2020-19204 entry concerns Lightning Wire Labs IPFire 2.21 (x86_64) Core Update 130. Affected component: routing.cgi (Routing Table Entries) via the Remark/remark parameter. Root cause: an authenticated WebGUI user can trigger a Stored Cross-Site Scripting (XSS) in routing entries. Impact:...
CVE-2020-19202
An authenticated Stored XSS Cross-site Scripting exists in the "captive.cgi" Captive Portal via the "Title of Login Page" text box or "TITLE" parameter in IPFire 2.21 x8664 - Core Update 130. It allows an authenticated WebGUI user with privileges to execute Stored Cross-site Scripting in the...
CVE-2020-19202
An authenticated Stored XSS Cross-site Scripting exists in the "captive.cgi" Captive Portal via the "Title of Login Page" text box or "TITLE" parameter in IPFire 2.21 x8664 - Core Update 130. It allows an authenticated WebGUI user with privileges to execute Stored Cross-site Scripting in the...