338 matches found

Vulnrichment
added 2025/10/28 2:34 p.m. (3 views)

CVE-2025-34305 IPFire < v2.29 Stored XSS via Multiple Methods in cleanhtml()

IPFire versions prior to 2.29 (Core Update 198) contain multiple stored cross-site scripting (XSS) vulnerabilities caused by a bug in the cleanhtml function (/var/ipfire/header.pl) that fails to apply HTML-entity encoding to user input. When an authenticated user submits data to affected endpoints - fo...

CVSS 5.1, AI score 5.5, EPSS 0.00403
Exploits: 0, References: 3

Cvelist
added 2025/10/28 2:34 p.m. (6 views)

CVE-2025-34305 IPFire < v2.29 Stored XSS via Multiple Methods in cleanhtml()

IPFire versions prior to 2.29 (Core Update 198) contain multiple stored cross-site scripting (XSS) vulnerabilities caused by a bug in the cleanhtml function (/var/ipfire/header.pl) that fails to apply HTML-entity encoding to user input. When an authenticated user submits data to affected endpoints - fo...

CVSS 5.1, EPSS 0.00403
Exploits: 0, References: 3

CVE
added 2025/10/28 2:34 p.m. (11 views)

CVE-2025-34305

IPFire before 2.29 (Core Update 198) contains multiple stored XSS flaws in the cleanhtml() function at /var/ipfire/header.pl. The bug prevents sanitized input from being written back to the output, so authenticated users submitting data to endpoints such as POST /cgi-bin/wakeonlan.cgi (CLIENT_COM...

CVSS 5.4, AI score 5.5, EPSS 0.00403
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2025/10/28 2:34 p.m. (5 views)

CVE-2025-34310 IPFire < v2.29 Stored XSS via Quality of Service (QoS) Settings

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the INCSPD, OUTSPD, DEFCLASSINC, and DEFCLASSOUT parameters when updating Quality of Service (QoS) settings. When a...

CVSS 5.1, EPSS 0.00403
Exploits: 0, References: 3

CVE
added 2025/10/28 2:34 p.m. (7 views)

CVE-2025-34310

IPFire (before 2.29 Core Update 198) is affected by a stored XSS in QoS settings. The vulnerability arises when updating QoS via /cgi-bin/qos.cgi, where INC_SPD, OUT_SPD, DEFCLASS_INC, and DEFCLASS_OUT values are stored and later rendered without proper sanitization, allowing an authenticated use...

CVSS 5.4, AI score 5.6, EPSS 0.00403
Exploits: 0, References: 3, Affected Software: 1

Vulnrichment
added 2025/10/28 2:34 p.m. (5 views)

CVE-2025-34310 IPFire < v2.29 Stored XSS via Quality of Service (QoS) Settings

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the INCSPD, OUTSPD, DEFCLASSINC, and DEFCLASSOUT parameters when updating Quality of Service (QoS) settings. When a...

CVSS 5.1, AI score 5.6, EPSS 0.00403
Exploits: 0, References: 3

Cvelist
added 2025/10/28 2:33 p.m. (7 views)

CVE-2025-34315 IPFire < v2.29 Stored XSS via Remote Syslog Server Address

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the REMOTELOGADDR parameter when updating the remote syslog server address. When a user updates the Remote loggin...

CVSS 5.1, EPSS 0.00403
Exploits: 0, References: 3

CVE
added 2025/10/28 2:33 p.m. (10 views)

CVE-2025-34315

IPFire prior to version 2.29 (Core Update 198) is affected by a stored cross-site scripting (XSS) vulnerability in the REMOTELOG_ADDR parameter used when updating the remote syslog server address. The value is submitted via POST to /cgi-bin/logs.cgi/config.dat and is stored and later rendered in ...

CVSS 5.4, AI score 5.7, EPSS 0.00403
Exploits: 0, References: 3, Affected Software: 1

Vulnrichment
added 2025/10/28 2:33 p.m. (3 views)

CVE-2025-34315 IPFire < v2.29 Stored XSS via Remote Syslog Server Address

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the REMOTELOGADDR parameter when updating the remote syslog server address. When a user updates the Remote loggin...

CVSS 5.1, AI score 5.6, EPSS 0.00403
Exploits: 0, References: 3

Cvelist
added 2025/10/28 2:33 p.m. (7 views)

CVE-2025-34302 IPFire < v2.29 Stored XSS via Service Creation

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the PROT parameter when creating a new service. When a user adds a service, the application issues an HTTP POST...

CVSS 5.1, EPSS 0.00403
Exploits: 0, References: 3

CVE
added 2025/10/28 2:33 p.m. (11 views)

CVE-2025-34302

CVE-2025-34302 affects IPFire versions prior to 2.29 (Core Update 198). The vulnerability is a stored cross-site scripting (XSS) in the PROT parameter used when creating a new service. An authenticated attacker can inject arbitrary JavaScript by manipulating PROT; the application stores this valu...

CVSS 5.4, AI score 5.6, EPSS 0.00403
Exploits: 0, References: 3, Affected Software: 1

Vulnrichment
added 2025/10/28 2:33 p.m. (4 views)

CVE-2025-34302 IPFire < v2.29 Stored XSS via Service Creation

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the PROT parameter when creating a new service. When a user adds a service, the application issues an HTTP POST...

CVSS 5.1, AI score 5.6, EPSS 0.00403
Exploits: 0, References: 3

Cvelist
added 2025/10/28 2:33 p.m. (8 views)

CVE-2025-34314 IPFire < v2.29 Stored XSS via Time Constraint Rule URL Filter

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the SRC, DST, and COMMENT parameters when creating a time constraint rule. When a user adds a time constraint rul...

CVSS 5.1, EPSS 0.00403
Exploits: 0, References: 3

CVE
added 2025/10/28 2:33 p.m. (10 views)

CVE-2025-34314

IPFire

CVSS 5.4, AI score 5.6, EPSS 0.00403
Exploits: 0, References: 3, Affected Software: 1

Vulnrichment
added 2025/10/28 2:33 p.m. (5 views)

CVE-2025-34314 IPFire < v2.29 Stored XSS via Time Constraint Rule URL Filter

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the SRC, DST, and COMMENT parameters when creating a time constraint rule. When a user adds a time constraint rul...

CVSS 5.1, AI score 5.5, EPSS 0.00403
Exploits: 0, References: 3

EUVD
added 2025/10/28 2:32 p.m. (5 views)

EUVD-2025-36524

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the QUOTAUSERS parameter when creating a user quota rule. When a user adds a new user quota rule the application...

CVSS 5.1, AI score 5.4, EPSS 0.00403
Exploits: 0, References: 4

Vulnrichment
added 2025/10/28 2:32 p.m. (6 views)

CVE-2025-34313 IPFire < v2.29 Stored XSS via User Quota Rule URL Filter

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the QUOTAUSERS parameter when creating a user quota rule. When a user adds a new user quota rule the application...

CVSS 5.1, AI score 5.5, EPSS 0.00403
Exploits: 0, References: 3

CVE
added 2025/10/28 2:32 p.m. (11 views)

CVE-2025-34313

IPFire

CVSS 5.4, AI score 5.5, EPSS 0.00403
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2025/10/28 2:32 p.m. (7 views)

CVE-2025-34313 IPFire < v2.29 Stored XSS via User Quota Rule URL Filter

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the QUOTAUSERS parameter when creating a user quota rule. When a user adds a new user quota rule the application...

CVSS 5.1, EPSS 0.00403
Exploits: 0, References: 3

Cvelist
added 2025/10/28 2:32 p.m. (4 views)

CVE-2025-34303 IPFire < v2.29 Stored XSS via Whitelisted Host Creation

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the IGNOREENTRYREMARK parameter when adding a whitelisted host. When a whitelisted host is added, an HTTP POST...

CVSS 5.1, EPSS 0.00403
Exploits: 0, References: 3