6 matches found
CVE-2019-25396
IPFire 2.21 Core Update 127 contains a reflected cross-site scripting vulnerability in the updatexlrator.cgi script that allows attackers to inject malicious scripts through POST parameters. Attackers can submit crafted requests with script payloads in the MAXDISKUSAGE or MAXDOWNLOADRATE paramete...
CVE-2019-25396 IPFire 2.21 Core Update 127 Reflected XSS via updatexlrator.cgi
IPFire 2.21 Core Update 127 contains a reflected cross-site scripting vulnerability in the updatexlrator.cgi script that allows attackers to inject malicious scripts through POST parameters. Attackers can submit crafted requests with script payloads in the MAXDISKUSAGE or MAXDOWNLOADRATE paramete...
CVE-2019-25396
IPFire 2.21 Core Update 127 is vulnerable to a reflected XSS in updatexlrator.cgi. Attackers can submit crafted POST requests with scripts in MAX_DISK_USAGE or MAX_DOWNLOAD_RATE to execute arbitrary JavaScript in users’ browsers. CVSS metrics are provided (CVSS 4.0 base 5.1, CVSS 3.1 base 6.1); n...
CVE-2019-25396 IPFire 2.21 Core Update 127 Reflected XSS via updatexlrator.cgi
IPFire 2.21 Core Update 127 contains a reflected cross-site scripting vulnerability in the updatexlrator.cgi script that allows attackers to inject malicious scripts through POST parameters. Attackers can submit crafted requests with script payloads in the MAXDISKUSAGE or MAXDOWNLOADRATE paramete...
PT-2026-20498
IPFire 2.21 Core Update 127 contains a reflected cross-site scripting vulnerability in the updatexlrator.cgi script that allows attackers to inject malicious scripts through POST parameters. Attackers can submit crafted requests with script payloads in the MAX DISK USAGE or MAX DOWNLOAD RATE...
IPFire 跨站脚本漏洞
IPFire is an open-source Linux distribution developed by the IPFire organization. It is primarily used as a router and firewall. Version 127 of IPFire 2.21 contains a cross-site scripting vulnerability. This vulnerability stems from insufficient input validation of the MAXDISKUSAGE or...