CVE-2019-12347

Published May 29th, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acme_accountkeys_edit.php action. The vulnerability occurs due to input validation errors.

pfsense/FreeBSD-ports

FreeBSD ports tree with pfSense changes

GitHub

515