Количество 2
Количество 2
CVE-2025-34175
In pfSense CE /usr/local/www/suricata/suricata_filecheck.php, the value of the filehash parameter is directly displayed without sanitizing for HTML-related characters/strings. This can result in reflected cross-site scripting if the victim is authenticated.
GHSA-qp2j-287f-6vvg
In pfSense CE /usr/local/www/suricata/suricata_filecheck.php, the value of the filehash parameter is directly displayed without sanitizing for HTML-related characters/strings. This can result in reflected cross-site scripting if the victim is authenticated.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-34175 In pfSense CE /usr/local/www/suricata/suricata_filecheck.php, the value of the filehash parameter is directly displayed without sanitizing for HTML-related characters/strings. This can result in reflected cross-site scripting if the victim is authenticated. | CVSS3: 6.1 | 0% Низкий | 5 месяцев назад |
| GHSA-qp2j-287f-6vvg In pfSense CE /usr/local/www/suricata/suricata_filecheck.php, the value of the filehash parameter is directly displayed without sanitizing for HTML-related characters/strings. This can result in reflected cross-site scripting if the victim is authenticated. | CVSS3: 6.1 | 0% Низкий | 5 месяцев назад |
Уязвимостей на страницу