CVE-2019-25398 | IPFire up to 2.21 VPN Configuration ovpnmain.cgi cross site scripting (Exploit 46344 / EDB-46344)

A vulnerability, which was classified as problematic, was found in IPFire up to 2.21. This vulnerability affects unknown code of the file ovpnmain.cgi of the component VPN Configuration Handler. Such manipulation of the argument VPN_IP/DMTU/ccdname/ccdsubnet/DOVPN_SUBNET/DHCP_DOMAIN/DHCP_DNS/DHCP_WINS/ROUTES_PUSH/FRAGMENT/KEEPALIVE_1/KEEPALIVE_2 leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2019-25398. The attack can be launched remotely. Moreover, an exploit is present.VulDB Recent EntriesRead More