Smoothwall Express Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in Smoothwall Express version 3.1-SP4-polar-x86_64-update9. The issue resides in the 'dmzholes.cgi' script, where unvalidated parameters allow attackers to inject malicious scripts. By sending POST requests with script payloads in the 'SRC_IP', 'DEST_IP', or 'COMMENT' parameters, attackers can execute arbitrary JavaScript in the browsers of users.

Impact

Exploitation of this vulnerability allows for reflected cross-site scripting, where an attacker can inject and execute scripts in the context of the user's browser.

Reproduction

To reproduce this vulnerability, send a POST request to the 'dmzholes.cgi' script with a payload containing a script tag, including JavaScript code, in one of the following parameters: 'SRC_IP', 'DEST_IP', or 'COMMENT'. The injected script will be executed in the user's browser, demonstrating the cross-site scripting vulnerability.