CVE-2019-25423
Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the /korugan/proxyconfig endpoint that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted POST requests with JavaScript payloads in parameters like PROXY_PORT, VISIBLE_HOSTNAME, ADMIN_MAIL_ADDRESS, CACHE_MEM, MAX_SIZE, MIN_SIZE, and DST_NOCACHE to execute arbitrary scripts in administrator browsers.
Vendor
Product
CWE
Yayın Tarihi
2026-02-19 13:16:16
Güncelleme
2026-02-20 17:16:35
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-