CVE-2025-34305 | IPFire up to 2.28 Web Interface /var/ipfire/header.pl cleanhtml cross site scripting

A vulnerability, which was classified as problematic, was found in IPFire up to 2.28. This issue affects the function cleanhtml of the file /var/ipfire/header.pl of the component Web Interface. Such manipulation leads to cross site scripting.

This vulnerability is referenced as CVE-2025-34305. It is possible to launch the attack remotely. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More