CVE-2019-25383 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 POST Request apcupsd.cgi cross site scripting (Exploit 46333)

A vulnerability described as problematic has been identified in Smoothwall Express 3.1-SP4-polar-x86_64-update9. Affected by this issue is some unknown functionality of the file apcupsd.cgi of the component POST Request Handler. Executing a manipulation of the argument BATTLEVEL/RTMIN/BATTDELAY/TO/ANNOY/UPSIP/UPSNAME/UPSPORT/POLLTIME/UPSUSER/NISPORT/UPSAUTH/EMAIL/FROM/CC/SMSEMAIL/SMTPSERVER/PORT/USER/EMAIL_PASSWORD can lead to cross site scripting.

The identification of this vulnerability is CVE-2019-25383. The attack may be launched remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More