CVE-2019-25372 in OPNsenseinfo

Zusammenfassung

von MITRE • 15.02.2026

OPNsense 19.1 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting insufficient input validation in the host parameter. Attackers can submit crafted payloads through POST requests to diag_traceroute.php to execute arbitrary JavaScript in the context of a user's browser session.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Zuständig

VulnCheck

Reservieren

15.02.2026

Veröffentlichung

15.02.2026

Moderieren

akzeptiert

Eintrag

VDB-346132

CPE

bereit

Exploit

Download

EPSS

0.00241

KEV

nein

Aktivitäten

very low

Quellen

Might our Artificial Intelligence support you?

Check our Alexa App!