cve/CVE-2012-4923.md at cc42bc5748fc98fd40a3aa78375c218fbbc9ad5d

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-14 20:08:44 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi.

POC

Reference

http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html
http://www.vulnerability-lab.com/get_content.php?id=436

Github

No PoCs found on GitHub currently.

838 B Raw Blame History

CVE-2012-4923

Description

POC

Reference

Github

838 B

Raw Blame History