Vulnerability Details CVE-2022-29273
pfSense CE through 2.6.0 and pfSense Plus before 22.05 allow XSS in the WebGUI via URL Table Alias URL parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.451
EPSS Ranking 97.5%
CVSS Severity
CVSS v3 Score 6.1
References
- https://docs.netgate.com/downloads/pfSense-SA-22_05.webgui.asc
- https://docs.netgate.com/pfsense/en/latest/releases/index.html#current-and-upcoming-supported-releases
- https://redmine.pfsense.org/issues/13060
- https://docs.netgate.com/downloads/pfSense-SA-22_05.webgui.asc
- https://docs.netgate.com/pfsense/en/latest/releases/index.html#current-and-upcoming-supported-releases
- https://redmine.pfsense.org/issues/13060