Page 3 of 54 results (0.036 seconds)

CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 1

A Stored Cross-Site Scripting (XSS) vulnerability was found in status_filter_reload.php, a page in the pfSense software WebGUI, on Netgate pfSense version 2.4.4-p2 and earlier. The page did not encode output from the filter reload process, and a stored XSS was possible via the descr (description) parameter on NAT rules. Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) almacenada en status_filter_reload.php, una página de la WebGUI del software pfSense, en la versión 2.4.4-p2 de Netgate pfSense y anteriores. La página no codificaba la salida del proceso de recarga del filtro, y era posible un XSS almacenado a través del parámetro descr (descripción) en las reglas NAT • https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html https://gist.github.com/dharmeshbaskaran/fd3779006361d07651a883e8a040d916 https://www.pfsense.org/download • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0

An authenticated Cross-Site Scripting (XSS) vulnerability was found in widgets/widgets/wake_on_lan_widget.php, a component of the pfSense software WebGUI, on version 2.4.4-p2 and earlier. The widget did not encode the descr (description) parameter of wake-on-LAN entries in its output, leading to a possible stored XSS. Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) autentificada en widgets/widgets/wake_on_lan_widget.php, un componente de la WebGUI del software pfSense, en la versión 2.4.4-p2 y anteriores. El widget no codificaba el parámetro descr (descripción) de las entradas de wake-on-LAN en su salida, lo que conducía a un posible XSS almacenado • https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html https://gist.github.com/dharmeshbaskaran/55d546496bfb0ba28117e846d8b785db https://www.netgate.com/assets/downloads/advisories/pfSense-SA-19_04.webgui.asc https://www.pfsense.org/download • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

An XSS vulnerability resides in the hostname field of the diag_ping.php page in pfsense before 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is not sanitized before it is printed. Una vulnerabilidad de tipo XSS reside en el campo hostname de la página diag_ping.php en pfsense versiones anteriores a 2.4.5. Después de pasar las entradas al comando y ejecutar este comando, la variable $result no es saneada antes de ser impresa. • https://docs.netgate.com/pfsense/en/latest/releases/2-4-5-new-features-and-changes.html https://github.com/pfsense/pfsense/commit/cc3990a334059018b004c91eeb66c147d8afe83d https://redmine.pfsense.org/issues/10355 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user. pfSense versiones anteriores a 2.4.5, presenta una vulnerabilidad de tipo XSS almacenado en el archivo system_usermanager_addprivs.php en la WebGUI por medio del parámetro descr (también se conoce como full name) de un usuario. pfSense version 2.4.4-P3 suffers from a User Manager persistent cross site scripting vulnerability. • https://www.exploit-db.com/exploits/48300 http://packetstormsecurity.com/files/157104/pfSense-2.4.4-P3-User-Manager-Cross-Site-Scripting.html https://github.com/pfsense/pfsense/commit/3c1e53dabe966f27c9097a5a923e77f49ae5fffa https://www.netgate.com/assets/downloads/advisories/pfSense-SA-20_06.webgui.asc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2

diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or txtRecallBuffer field, as demonstrated by executing OS commands. This occurs because csrf_callback() produces a "CSRF token expired" error and a Try Again button when a CSRF token is missing. El archivo diag_command.php en pfSense versión 2.4.4-p3, permite un ataque de tipo CSRF por medio del campo txtCommand o txtRecallBuffer, como es demostrado mediante la ejecución de comandos de Sistema Operativo. Esto se presenta porque la función csrf_callback() produce un error de "CSRF token expired" y un botón Try Again cuando un token CSRF está faltando. pfSense version 2.4.4-p3 suffers from a cross site request forgery vulnerability. • https://www.exploit-db.com/exploits/48714 http://packetstormsecurity.com/files/158614/pfSense-2.4.4-p3-Cross-Site-Request-Forgery.html https://pastebin.com/TEJdu9LN • CWE-352: Cross-Site Request Forgery (CSRF) •