CVE-2020-19202

CVE-2020-19202

An authenticated Stored XSS (Cross-site Scripting) exists in the "captive.cgi" Captive Portal via the "Title of Login Page" text box or "TITLE" parameter in IPFire 2.21 (x86_64) – Core Update 130. It allows an authenticated WebGUI user with privileges for the affected page to execute Stored Cross-site Scripting in the Captive Portal page.

Source: CVE-2020-19202

댓글 남기기

이메일은 공개되지 않습니다. 필수 입력창은 * 로 표시되어 있습니다

Time limit is exhausted. Please reload the CAPTCHA.