4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.88 High
EPSS
Percentile
98.6%
04/01/2015
Warning
Cross-site scripting vulnerabilities were found in pfSense. By exploiting these vulnerabilities malicious users can enject arbitrary sctip or HTML. These vulnerabilities can be exploited remotely via a specially designed parameters for web interface.
pfSense versions earlier than 2.2.1
Update to the latest version
Get pfSense
CI
CVE-2015-22944.3Warning
Public exploits exist for this vulnerability.