CVE-2025-34315

Name of the Vulnerable Software and Affected Versions IPFire versions prior to 2.29 (Core Update 198)

Description IPFire versions prior to 2.29 (Core Update 198) are susceptible to a stored cross-site scripting (XSS) issue. An authenticated attacker can inject arbitrary JavaScript code through the REMOTELOG ADDR parameter when updating the remote syslog server address. The application issues an HTTP POST request to /cgi-bin/logs.cgi/config.dat where the server address is provided in the REMOTELOG ADDR parameter. The value of this parameter is stored and rendered in the web interface without proper sanitation or encoding, enabling injected scripts to execute in the context of other users viewing the affected configuration page.

Recommendations Update to version 2.29 (Core Update 198) or later.