CVE-2019-12347

2019-05-29T19:29:00
ID CVE-2019-12347
Type cve
Reporter cve@mitre.org
Modified 2019-05-30T15:09:00

Description

In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acme_accountkeys_edit.php action. The vulnerability occurs due to input validation errors.