CVE-2022-42247

pfsense/pfsense
on github

Published

Severity

CVSS v3:
6.1 MEDIUM
CVSS v2:
N/A

Description

pfSense v2.5.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the browser.php component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name.

References

Configurations

CPE23Version StartVersion EndExact Version
cpe:2.3:a:pfsense:pfsense:2.5.2:*:*:*:*:*:*:*n/an/a2.5.2

External Links