CVE-2025-34303 | IPFire up to 2.28 Web Interface /cgi-bin/ids.cgi IGNORE_ENTRY_REMARK cross site scripting

October 28, 2025 Yanac

A vulnerability was found in IPFire up to 2.28. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/ids.cgi of the component Web Interface. Such manipulation of the argument IGNORE_ENTRY_REMARK leads to cross site scripting.

This vulnerability is listed as CVE-2025-34303. The attack may be performed from remote. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More