CVE-2025-34301 — IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code into the COUNTRY_COD — CVE Database · The Intelligence Room