Electric.Sheep.Fencing.pfSense.Multi.XSS
Description
This indicates an attack attempt against a Cross Site Scripting vulnerability in Electric Sheep Fencing pfSense firewall.
The vulnerability is due to insufficient validation of user supplied data in the application. A remote attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and execute arbitrary script code within context of the target users' browser.
Affected Products
Electric Sheep Fencing pfSense prior to 2.2.1
Impact
System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.pfsense.org/security/advisories/pfSense-SA-15_03.webgui.asc
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |