CVE-2025-34301 MEDIUM

CVE-2025-34301: IPFire < v2.29 Stored XSS via Location Group Creation

Vendor Ipfire.org
Product IPFire
Weakness CWE-79 · XSS
Published October 28, 2025
Last update October 28, 2025
View on NVD All CVEs

CVSS base score

5.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

What the vulnerability does

01Description

IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code into the COUNTRY_CODE parameter when creating a location group. When a user adds a new location group, the application issues an HTTP POST request with the ACTION parameter set to savelocationgrp, and the value of the COUNTRY_CODE parameter determines the flag displayed for that group. The value of this parameter is stored and later rendered in the web interface without proper sanitization or encoding, allowing malicious scripts to be executed in the context of other users viewing the affected page.

Key dates

02Disclosure timeline

October 28, 2025 CVE published
October 28, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-31236 WordPress Royal Elementor Addons plugin <= 1.3.93 - Cross Site Scripting (XSS) vulnerability CVE-2019-25737 Live Chat Unlimited 2.8.3 Stored Cross-Site Scripting CVE-2026-3297 Page Builder: Pagelayer – Drag and Drop website builder <= 2.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Anchor Block CVE-2024-4718 Campcodes Complete Web-Based School Management System delete_student_grade_subject.php cross site scripting CVE-2025-59764 Multiple vulnerabilities in AndSoft's e-TMS