Pfsense - Pfsense Plus CVE - CVE Search - CVE Details

Filtered by vendor Pfsense Subscribe

Filtered by product Pfsense Plus

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-23993	1 Pfsense	2 Pfsense, Pfsense Plus	2022-04-29	4.3 MEDIUM	6.1 MEDIUM
/usr/local/www/pkg.php in pfSense CE before 2.6.0 and pfSense Plus before 22.01 uses $_REQUEST['pkg_filter'] in a PHP echo call, causing XSS.

Vulnerabilities (CVE)