Stored XSS Vulnerability in Untangle NG Firewall 14.2.0 Title Input Field

CVE-2019-18649 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

When logged in as an admin user, the Title input field (under Reports) within Untangle NG firewall 14.2.0 is vulnerable to stored XSS.

Learn more about our User Device Pen Test.