PT-2026-8370 · Smoothwall · Smoothwall Express

Ozer Goker · Published 2026-02-16 · Updated 2026-02-20 · CVE-2019-25387

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Smoothwall Express version 3.1-SP4-polar-x86_64-update9

Description

The software contains a reflected cross-site scripting issue that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the /xtaccess.cgi endpoint. Script payloads can be injected through the EXT, DEST_PORT, or COMMENT parameters via POST requests, leading to the execution of arbitrary JavaScript in victim browsers.

Recommendations

Apply input validation and output encoding to the EXT, DEST_PORT, and COMMENT parameters in the /xtaccess.cgi endpoint.
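
A sketch of the recommended validation and output encoding for the three parameters, added here as an illustration and not taken from Smoothwall's code. The accepted formats for EXT and DEST_PORT, the re-rendered input markup, and all function names are assumptions.

```python
import html
import ipaddress
import re

# Assumed formats (not stated in the advisory): EXT is empty or an IPv4
# address/network, DEST_PORT is a port or a low:high range, COMMENT is free text.
PORT_RE = re.compile(r"([0-9]{1,5})(?::([0-9]{1,5}))?")
FIELDS = ("EXT", "DEST_PORT", "COMMENT")

def valid_ext(value):
    if value == "":
        return True
    try:
        ipaddress.IPv4Network(value, strict=False)
        return True
    except ValueError:
        return False

def valid_port(value):
    m = PORT_RE.fullmatch(value)
    if not m:
        return False
    ports = [int(p) for p in m.groups() if p is not None]
    return all(1 <= p <= 65535 for p in ports) and ports == sorted(ports)

def valid_comment(value):
    return len(value) <= 255 and value.isprintable()

VALIDATORS = {"EXT": valid_ext, "DEST_PORT": valid_port, "COMMENT": valid_comment}

def handle_post(form):
    """Validate a POST body (dict) and build the re-rendered form fields.

    Returns (errors, html). Values are encoded on output whether or not they
    passed validation, because the form echoes them back to the browser.
    """
    errors = [name for name in FIELDS if not VALIDATORS[name](form.get(name, ""))]
    inputs = "".join(
        '<input name="{}" value="{}">'.format(name, html.escape(form.get(name, ""), quote=True))
        for name in FIELDS
    )
    return errors, inputs

# Constructed sample requests, not captured traffic.
GOOD = {"EXT": "192.0.2.0/24", "DEST_PORT": "443", "COMMENT": "vendor & support"}
BAD = {name: '"><script>alert(1)</script>' for name in FIELDS}

if __name__ == "__main__":
    for sample in (GOOD, BAD):
        print(handle_post(sample))
```

COMMENT passes validation even when it contains markup, which is why encoding at output is applied to every field and not only to rejected ones.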

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers: CVE-2019-25387

Affected Products: Smoothwall Express