CVE-2019-25410

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.1 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N                                    

Vulnerability Description

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through the source and destination parameters. Attackers can submit POST requests to the policy routing endpoint with script payloads in these parameters to execute arbitrary JavaScript in users' browsers.

Vulnerability Details

Published Date

February 19, 2026

Last Modified

February 20, 2026

CWE ID

CWE-79

Source

NVD

Vendor

Cdome

Product

Comodo Dome Firewall

External References

https://cdome.comodo.com/firewall/
https://secure.comodo.com/home/purchase.php?pid=106&license=try&track=9278&af=9278
https://www.exploit-db.com/exploits/46408
https://www.vulncheck.com/advisories/comodo-dome-firewall-reflected-cross-site-scripting-via-policyrouting

CVE-2019-25410

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment