exploitDog

GHSA-rff5-9cw2-46c6

Опубликовано: 04 апр. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.6

Описание

Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php.

Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php.

Ссылки

EPSS

Процентиль: 72%

0.0071

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2020-21487

CVSS3: 9.6

nvd

почти 3 года назад

Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php.

EPSS

Процентиль: 72%

0.0071

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-79