CVE-2019-25417

EIP tracks 1 public exploit for CVE-2019-25417. PoCs published by Ozer Goker.

AI-analyzed exploit summary This exploit demonstrates multiple reflected and stored XSS vulnerabilities in Comodo Dome Firewall 2.7.0. It provides specific URLs, HTTP methods, parameters, and payloads to trigger XSS in various endpoints.

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the protocol parameter. Attackers can send POST requests to the QoS rules management endpoint with JavaScript payloads in the protocol parameter to execute arbitrary code in administrator browsers.