Want to get paid for a vulnerability similar to this one?
Contact us at: email@example.com
See our full scope at: https://blogs.securiteam.com/index.php/product_scope
The following advisory describes a stored cross site scripting that can be used to trigger remote code execution in Endian Firewall version 5.0.3.
Endian Firewall is a “turnkey Linux security distribution, which is an independent, unified security management operating system. The Endian Firewall is based on a hardened Linux operating system.”
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.
Endian has released patches to address this vulnerability.
For more information: https://help.endian.com/hc/en-us/articles/115012996087