CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6508

Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the descr parameter in a "new" action to system_authservers.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.074

EPSS Ranking 91.2%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2015-6508

Netgate » Pfsense » Version: 2.0

cpe:2.3:a:netgate:pfsense:2.0
Netgate » Pfsense » Version: 2.0.1

cpe:2.3:a:netgate:pfsense:2.0.1
Netgate » Pfsense » Version: 2.0.2

cpe:2.3:a:netgate:pfsense:2.0.2
Netgate » Pfsense » Version: 2.0.3

cpe:2.3:a:netgate:pfsense:2.0.3
Netgate » Pfsense » Version: 2.1.0

cpe:2.3:a:netgate:pfsense:2.1.0
Netgate » Pfsense » Version: 2.1.1

cpe:2.3:a:netgate:pfsense:2.1.1
Netgate » Pfsense » Version: 2.1.2

cpe:2.3:a:netgate:pfsense:2.1.2
Netgate » Pfsense » Version: 2.1.3

cpe:2.3:a:netgate:pfsense:2.1.3
Netgate » Pfsense » Version: 2.1.4

cpe:2.3:a:netgate:pfsense:2.1.4
Netgate » Pfsense » Version: 2.1.5

cpe:2.3:a:netgate:pfsense:2.1.5
Netgate » Pfsense » Version: 2.2

cpe:2.3:a:netgate:pfsense:2.2
Netgate » Pfsense » Version: 2.2.1

cpe:2.3:a:netgate:pfsense:2.2.1
Netgate » Pfsense » Version: 2.2.2

cpe:2.3:a:netgate:pfsense:2.2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6508

Products

Pricing

Contact Us