CVE-2025-34307

Name of the Vulnerable Software and Affected Versions IPFire versions prior to 2.29 (Core Update 198)

Description IPFire versions prior to 2.29 (Core Update 198) are susceptible to a stored cross-site scripting (XSS) issue. An authenticated attacker can inject arbitrary JavaScript code through the pienumber parameter when updating the firewall country search defaults. The application sends an HTTP POST request to the /cgi-bin/logs.cgi/firewalllogcountry.dat endpoint. The pienumber parameter’s value is stored and displayed in the web interface without sufficient sanitization, enabling script execution within the context of other users viewing the firewall country search settings.

Recommendations Update to version 2.29 (Core Update 198) or later.