CVE-2022-42247
on github
Published
Severity
CVSS v3:
6.1 MEDIUM
CVSS v2:
N/A
Description
pfSense v2.5.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the browser.php component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:pfsense:pfsense:2.5.2:*:*:*:*:*:*:* | n/a | n/a | 2.5.2 |