CVE-2022-36368

Published October 24th, 2022

View on NVD ↗

CVSS v3

4.8

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Multiple stored cross-site scripting vulnerabilities in the web user interface of IPFire versions prior to 2.27 allows a remote authenticated attacker with administrative privilege to inject an arbitrary script.

ipfire/ipfire-2.xUNAVAILABLE

IPFire 2.x development tree

GitHub

213