CVE-2019-25373 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

OPNsense 19.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input t…
Medium CVSS: 5.1

CVE-2019-25373

OPNsense 19.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the category parameter. Attackers can send POST requests to firewall_rules_edit.php with script payloads in the category field to execute arbitrary JavaScript in the browsers of other users accessing firewall rule pages.
Vendor
Opnsense
Product
Opnsense
CWE
CWE-79
Yayın Tarihi
2026-02-15 14:16:07
Güncelleme
2026-02-18 19:13:06
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-79 Opnsense MEDIUM Opnsense 2026

Referanslar

https://forum.opnsense.org/index.php?topic=11469.0 https://opnsense.org https://www.exploit-db.com/exploits/46351 https://www.vulncheck.com/advisories/opnsense-stored-xss-via-firewallruleseditphp