KLA10528
Code injection vulnerability in pfsense
Updated: 06/01/2019
Detect date
?
04/01/2015
Severity
?
Warning
Description

Cross-site scripting vulnerabilities were found in pfSense. By exploiting these vulnerabilities malicious users can enject arbitrary sctip or HTML. These vulnerabilities can be exploited remotely via a specially designed parameters for web interface.

Affected products

pfSense versions earlier than 2.2.1

Solution

Update to the latest version
Get pfSense

Original advisories

pfSense advisory

Impacts
?
CI 
[?]
CVE-IDS
?
CVE-2015-22944.3Warning