CVE-2019-25429

Name of the Vulnerable Software and Affected Versions Comodo Dome Firewall version 2.7.0

Description Comodo Dome Firewall version 2.7.0 contains a reflected cross-site scripting issue that enables attackers to inject malicious scripts. This is achieved by submitting crafted input to the /openvpn advanced API endpoint. Specifically, attackers can inject JavaScript code through the GLOBAL NETWORKS and GLOBAL DNS parameters via POST requests, leading to the execution of arbitrary scripts in users' browsers.

Recommendations Update to a newer version that contains a fix for this vulnerability.