OPENSUSE-SU-2022:10209-1 Security update for tor

This update for tor fixes the following issues: tor 0.4.7.11: Improve security of DNS cache by randomly clipping the TTL value boo1205307, TROVE-2021-009 Improved defenses against network-wide DoS, multiple counters and metrics added to MetricsPorts Apply circuit creation anti-DoS defenses if the...

Security update for tor (moderate)

openSUSE Security Update: Security update for tor Announcement ID: openSUSE-SU-2022:10209-1 Rating: moderate References: 1205307 Affected Products: openSUSE Backports SLE-15-SP3 openSUSE Backports SLE-15-SP4 An update that contains security fixes can now be installed. Description: This update for...

CVE-2022-36368

Multiple stored cross-site scripting vulnerabilities in the web user interface of IPFire versions prior to 2.27 allows a remote authenticated attacker with administrative privilege to inject an arbitrary script...

Cross site scripting

Multiple stored cross-site scripting vulnerabilities in the web user interface of IPFire versions prior to 2.27 allows a remote authenticated attacker with administrative privilege to inject an arbitrary script...

CVE-2022-36368

Multiple stored cross-site scripting vulnerabilities in the web user interface of IPFire versions prior to 2.27 allows a remote authenticated attacker with administrative privilege to inject an arbitrary script...

CVE-2022-36368

Multiple stored cross-site scripting vulnerabilities in the web user interface of IPFire versions prior to 2.27 allows a remote authenticated attacker with administrative privilege to inject an arbitrary script...

CVE-2022-36368

IPFire WebUI (IPFire, prior to 2.27) is affected by multiple stored cross-site scripting vulnerabilities. The underlying issue allows a remote authenticated attacker with administrative privileges to inject arbitrary scripts through the web interface. Affected component is the web UI, with the ro...

PT-2022-23332 · Ipfire · Ipfire

Name of the Vulnerable Software and Affected Versions: IPFire versions prior to 2.27 Description: The issue allows a remote authenticated attacker with administrative privilege to inject an arbitrary script due to multiple stored cross-site scripting vulnerabilities in the web user interface...

IPFire WebUI vulnerable to cross-site scripting

Overview The web user interface of IPFire provided by IPFire Project contains multiple stored cross-site scripting vulnerabilities CWE-79. This analysis assumes a scenario where one administrative user prepares malicious content, and then another administrative user accesses this content, resulti...

IPFire 跨站脚本漏洞

IPFire is an open source Linux distribution from the IPFire organization. It is primarily used as a router and firewall. A security vulnerability exists in the IPFire WebUI that originates when an administrative user prepares a malicious script and then another administrative user accesses the...

JVN#15411362: IPFire WebUI vulnerable to cross-site scripting

The web user interface of IPFire provided by IPFire Project contains multiple stored cross-site scripting vulnerabilities CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is using the product. Solution Update the Software Update the Software to the latest...

CVE-2020-19204

An authenticated Stored Cross-Site Scriptiong XSS vulnerability exists in Lightning Wire Labs IPFire 2.21 x8664 - Core Update 130 in the "routing.cgi" Routing Table Entries via the "Remark" text box or "remark" parameter. It allows an authenticated WebGUI user to execute Stored Cross-site Scripti...

CVE-2020-19204

An authenticated Stored Cross-Site Scriptiong XSS vulnerability exists in Lightning Wire Labs IPFire 2.21 x8664 - Core Update 130 in the "routing.cgi" Routing Table Entries via the "Remark" text box or "remark" parameter. It allows an authenticated WebGUI user to execute Stored Cross-site Scripti...

Cross site scripting

An authenticated Stored Cross-Site Scriptiong XSS vulnerability exists in Lightning Wire Labs IPFire 2.21 x8664 - Core Update 130 in the "routing.cgi" Routing Table Entries via the "Remark" text box or "remark" parameter. It allows an authenticated WebGUI user to execute Stored Cross-site Scripti...

CVE-2020-19204

An authenticated Stored Cross-Site Scriptiong XSS vulnerability exists in Lightning Wire Labs IPFire 2.21 x8664 - Core Update 130 in the "routing.cgi" Routing Table Entries via the "Remark" text box or "remark" parameter. It allows an authenticated WebGUI user to execute Stored Cross-site Scripti...

CVE-2020-19204

The CVE-2020-19204 entry concerns Lightning Wire Labs IPFire 2.21 (x86_64) Core Update 130. Affected component: routing.cgi (Routing Table Entries) via the Remark/remark parameter. Root cause: an authenticated WebGUI user can trigger a Stored Cross-Site Scripting (XSS) in routing entries. Impact:...

Lightning Wire Labs IPFire 跨站脚本漏洞

Lightning Wire Labs IPFire is a Linux-based open source firewall from Lightning Wire Labs. It focuses on securing your network while being easy to operate and maintain. It offers many features such as VPN, advanced firewall configuration, and of course great performance in all environments. A...

IPFire Cross-Site Scripting Vulnerability

IPFire is a hardened, versatile Linux-based open source firewall. A cross-site scripting vulnerability exists in IPFire version 2.23. The vulnerability can be exploited by an attacker to conduct cross-site scripting attacks via the IPfire web UI in mail.cgi...

CVE-2020-21142

Cross Site Scripting XSS vulnerabilty in IPFire 2.23 via the IPfire web UI in the mail.cgi...

CVE-2020-21142

Cross Site Scripting XSS vulnerabilty in IPFire 2.23 via the IPfire web UI in the mail.cgi...