CVE-2013-7417
Affected software: IPCop Firewall (IPCop). Vulnerable component: web interface script at cgi-bin/ipinfo.cgi. Root cause: Cross-site scripting (XSS) via QUERY_STRING, with note that CSRF protection can be bypassed by Referer. Impact: remote attacker can inject arbitrary web scripts/HTML in users’ ...