LauLeysen

1 exploit Active since Oct 2024
CVE-2024-46538 NOMISEC MEDIUM WORKING POC
pfSense 2.5.2 - Stored Cross-Site Scripting via $pconfig Variable in interfaces_groups_edit.php
A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_edit.php.
4 stars
CVSS 4.8