CVE-2020-19204

Lightning Wire Labs IPFire 2.21 (x86_64) – Core Update 130 is affected by: Cross Site Scripting (XSS). The impact is: Session Hijacking (local). The component is: Affected at Routing configuration via the "Remark" text box or "remark" parameter. The attack vector is: Attacker need to craft the malicious javascript code.

Source: CVE-2020-19204