Name of the Vulnerable Software and Affected Versions:

IPFire version 2.29

Description:

The web-based firewall interface (firewall.cgi) fails to sanitize several rule parameters, including PROT, SRC PORT, TGT PORT, dnatport, key, ruleremark, src addr, std net tgt, and tgt addr. This allows an authenticated administrator to inject persistent JavaScript. The resulting stored cross-site scripting (XSS) payload is executed when another administrator views the firewall rules page, potentially enabling session hijacking and unauthorized actions within the interface. Exploitation requires high-privilege GUI access and is considered low complexity.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.