2 matches found
CVE-2025-34303
creationtimestamp| type| source ---|---|--- 2025-10-28 15:43:37+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115452557190111700...
CVE-2025-34303 IPFire < v2.29 Stored XSS via Whitelisted Host Creation
IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the IGNOREENTRYREMARK parameter when adding a whitelisted host. When a whitelisted host is added, an HTTP POST...