exploitDog

GHSA-p5q9-gghv-g686

Опубликовано: 19 фев. 2026

Источник: github

Github: Не прошло ревью

CVSS4: 5.1

CVSS3: 6.1

Описание

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the VIRUS_ADMIN parameter. Attackers can send POST requests to the smtpconfig endpoint with script payloads to execute arbitrary JavaScript in the context of an administrator's browser session.

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the VIRUS_ADMIN parameter. Attackers can send POST requests to the smtpconfig endpoint with script payloads to execute arbitrary JavaScript in the context of an administrator's browser session.

Ссылки

EPSS

Процентиль: 6%

0.00022

Низкий

5.1 Medium

CVSS4

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2019-25425

CVSS3: 6.1

nvd

3 месяца назад

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the VIRUS_ADMIN parameter. Attackers can send POST requests to the smtpconfig endpoint with script payloads to execute arbitrary JavaScript in the context of an administrator's browser session.

EPSS

Процентиль: 6%

0.00022

Низкий

5.1 Medium

CVSS4

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79