CVE-2019-25424

Name of the Vulnerable Software and Affected Versions Comodo Dome Firewall version 2.7.0

Description A reflected cross-site scripting issue allows attackers to inject malicious scripts by submitting unsanitized input to the EXCEPTIONSITELIST parameter. By crafting POST requests to the "https exceptions" endpoint with script payloads, attackers can execute arbitrary JavaScript in users' browsers to steal session data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.