KLA10528
Code injection vulnerability in pfsense
Обновлено: 17/06/2019
Дата обнаружения
01/04/2015
Уровень угрозы
Warning
Описание

Cross-site scripting vulnerabilities were found in pfSense. By exploiting these vulnerabilities malicious users can enject arbitrary sctip or HTML. These vulnerabilities can be exploited remotely via a specially designed parameters for web interface.

Пораженные продукты

pfSense versions earlier than 2.2.1

Решение

Update to the latest version
Get pfSense

Первичный источник обнаружения
pfSense advisory
Оказываемое влияние
?
CI 
[?]
CVE-IDS
CVE-2015-22944.3Warning