Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Pfsense Subscribe
Filtered by product Pfsense Plus
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-23993 1 Pfsense 2 Pfsense, Pfsense Plus 2022-04-29 4.3 MEDIUM 6.1 MEDIUM
/usr/local/www/pkg.php in pfSense CE before 2.6.0 and pfSense Plus before 22.01 uses $_REQUEST['pkg_filter'] in a PHP echo call, causing XSS.