ESF.pfSense.Squid.Clwarn.PHP.XSS
Description
This indicates an attack attempt against a Cross-Site Scripting vulnerability in ESF pfSense.
The vulnerability is due to insufficient validation of a maliciously crafted HTTP request. An attacker can exploit this to execute arbitrary script code within the context of the application.
Affected Products
PFSense Project PFSense 2.3.1-RELEASE-p1
Impact
System Compromise: Remote attackers can execute arbitrary script code within the context of application.
Recommended Actions
Upgrade to the latest version, available from the website.
https://www.pfsense.org/security/advisories/pfSense-SA-16_06.squid.asc
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |