CVE-2019-25372 in OPNsense信息

摘要

由 MITRE • 2026-02-15

OPNsense 19.1 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting insufficient input validation in the host parameter. Attackers can submit crafted payloads through POST requests to diag_traceroute.php to execute arbitrary JavaScript in the context of a user's browser session.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!