CVE-2019-25426

Name of the Vulnerable Software and Affected Versions Comodo Dome Firewall version 2.7.0

Description A reflected cross-site scripting issue allows attackers to inject malicious scripts by submitting crafted input to the 'dnsmasq' endpoint. By sending POST requests containing script payloads in the TRANSPARENT SOURCE BYPASS or TRANSPARENT DESTINATION BYPASS parameters, an attacker can execute arbitrary JavaScript in the browsers of users.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.