Vulnerability Details CVE-2019-18667
/usr/local/www/freeradius_view_config.php in the freeradius3 package before 0.15.7_3 for pfSense on FreeBSD allows a user with an XSS payload as password or username to execute arbitrary javascript code on a victim browser.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.0%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2019-18667
-
cpe:2.3:a:pfsense:pfsense-pkg-freeradius3:*