Netgate.pfSense.ACME.acme_accountkeys_edit.php.Stored.XSS
Description
This indicates an attack attempt to exploit a Store Cross-Site Scripting Vulnerability in Netgate pfSense.
A remote, authenticated attacker could exploit this vulnerability by sending crafted requests to the target system. Successful exploitation could result in the execution of arbitrary JavaScript code by the browsers of other pfSense users.
Affected Products
Netgate pfSense prior to commit 504909564079e540689dbdbed3a579483c614275
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://redmine.pfsense.org/issues/9554#change-40729
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |