Описание
A stored cross-site scripting (XSS) vulnerability was discovered in pfSense 2.4.5-p1 which allows an authenticated attacker to execute arbitrary web scripts via exploitation of the load_balancer_monitor.php function.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:pfsense:pfsense:2.4.5:p1:*:*:*:*:*:*
EPSS
Процентиль: 64%
0.00465
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
A stored cross-site scripting (XSS) vulnerability was discovered in pfSense 2.4.5-p1 which allows an authenticated attacker to execute arbitrary web scripts via exploitation of the load_balancer_monitor.php function.
EPSS
Процентиль: 64%
0.00465
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79