Lucene search
HistoryNov 14, 2023 - 4:15 a.m.
CVE-2023-42325
netgate pfsense
xss vulnerability
status_logs_filter_dynamic.php
remote attacker
privileges
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
35.8%
Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted url to the status_logs_filter_dynamic.php page.
Affected configurations
Node
netgatepfsenseMatch2.7.0
Related
prion
prion
Cross site scripting
2023-11-14 04:15:00
cve
cve
CVE-2023-42325
2023-11-14 04:15:07
cvelist
cvelist
CVE-2023-42325
2023-11-14 00:00:00
thn
thn
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
35.8%
Related for NVD:CVE-2023-42325