CVE-2019-25368 | OPNsense 19.1 diag_backup.php cross site scripting (Exploit 46351 / EDB-46351)

A vulnerability was found in OPNsense 19.1. It has been classified as problematic. Affected by this issue is some unknown functionality of the file diag_backup.php. The manipulation of the argument GDrive_GDriveEmail/GDrive_GDriveFolderID/GDrive_GDriveBackupCount/Nextcloud_url/Nextcloud_user/Nextcloud_password/Nextcloud_password_encryption/Nextcloud_backupdir leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2019-25368. The attack is possible to be carried out remotely. Moreover, an exploit is present.VulDB Recent EntriesRead More