5.1

CVSS4.0

CVE-2025-34308 - IPFire < v2.29 Stored XSS via Default Time Sync

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the UPDATE_VALUE parameter when updating the default time synchronization settings. When the default values dis…

📅 Published: Oct. 28, 2025, 2:36 p.m. 🔄 Last Modified: Oct. 28, 2025, 2:36 p.m.

5.1

CVSS4.0

CVE-2025-34318 - IPFire < v2.29 Stored XSS via DNS Creation (proxy.cgi)

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the TLS_HOSTNAME, UPSTREAM_USER, UPSTREAM_PASSWORD, ADMIN_MAIL_ADDRESS, and ADMIN_PASSWORD parameters when addi…

📅 Published: Oct. 28, 2025, 2:36 p.m. 🔄 Last Modified: Oct. 28, 2025, 2:36 p.m.

5.1

CVSS4.0

CVE-2025-34317 - IPFire < v2.29 Stored XSS via DNS Creation (dns.cgi)

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the TLS_HOSTNAME parameter when adding a new DNS entry. When a user adds a DNS entry, the application issues an…

📅 Published: Oct. 28, 2025, 2:36 p.m. 🔄 Last Modified: Oct. 28, 2025, 2:36 p.m.

5.1

CVSS4.0

CVE-2025-34309 - IPFire < v2.29 Stored XSS via Dynamic DNS Host

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the SERVICE, LOGIN, and PASSWORD parameters when creating or editing a Dynamic DNS host. When a new Dynamic DNS…

📅 Published: Oct. 28, 2025, 2:35 p.m. 🔄 Last Modified: Oct. 28, 2025, 2:35 p.m.

5.1

CVSS4.0

CVE-2025-34301 - IPFire < v2.29 Stored XSS via Location Group Creation

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code into the COUNTRY_CODE parameter when creating a location group. When a user adds a new location group, the application …

📅 Published: Oct. 28, 2025, 2:35 p.m. 🔄 Last Modified: Oct. 28, 2025, 2:35 p.m.

5.1

CVSS4.0

CVE-2025-34316 - IPFire < v2.29 Stored XSS via Mail Server Settings

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the txt_mailuser and txt_mailpass parameters when updating the mail server settings. When a user updates the ma…

📅 Published: Oct. 28, 2025, 2:34 p.m. 🔄 Last Modified: Oct. 28, 2025, 2:34 p.m.

5.1

CVSS4.0

CVE-2025-34305 - IPFire < v2.29 Stored XSS via Multiple Methods in cleanhtml()

IPFire versions prior to 2.29 (Core Update 198) contain multiple stored cross-site scripting (XSS) vulnerabilities caused by a bug in the cleanhtml() function (/var/ipfire/header.pl) that fails to apply HTML-entity encoding to user input. When an authenticated user submits data to affected endpoint…

📅 Published: Oct. 28, 2025, 2:34 p.m. 🔄 Last Modified: Oct. 28, 2025, 2:34 p.m.

5.1

CVSS4.0

CVE-2025-34310 - IPFire < v2.29 Stored XSS via Quality of Service (QoS) Settings

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the INC_SPD, OUT_SPD, DEFCLASS_INC, and DEFCLASS_OUT parameters when updating Quality of Service (QoS) settings…

📅 Published: Oct. 28, 2025, 2:34 p.m. 🔄 Last Modified: Oct. 28, 2025, 2:34 p.m.

5.1

CVSS4.0

CVE-2025-34315 - IPFire < v2.29 Stored XSS via Remote Syslog Server Address

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the REMOTELOG_ADDR parameter when updating the remote syslog server address. When a user updates the Remote log…

📅 Published: Oct. 28, 2025, 2:33 p.m. 🔄 Last Modified: Oct. 28, 2025, 2:33 p.m.

5.1

CVSS4.0

CVE-2025-34302 - IPFire < v2.29 Stored XSS via Service Creation

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the PROT parameter when creating a new service. When a user adds a service, the application issues an HTTP POST…

📅 Published: Oct. 28, 2025, 2:33 p.m. 🔄 Last Modified: Oct. 28, 2025, 2:33 p.m.