PT-2023-26729 · Opnsense · Opnsense Community Edition +1

Name of the Vulnerable Software and Affected Versions: OPNsense Community Edition versions prior to 23.7 OPNsense Business Edition versions prior to 23.4.2 Description: The issue is related to insecure permissions in the directory /tmp. Recommendations: For OPNsense Community Edition versions pri...

Deciso OPNsense Cross-Site Scripting Vulnerability

Deciso OPNsense is a FreeBSD-based open source firewall and routing software from the Dutch company Deciso. A cross-site scripting vulnerability exists in OPNsense versions prior to 23.7, which stems from a cross-site scripting XSS vulnerability in the act parameter of the systemcertmanager.php...