2 matches found
CVE-2015-4029
Cross-site scripting XSS vulnerability in the WebGUI in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the zone parameter in a del action to servicescaptiveportalzones.php...
CVE-2015-4029
pfSense WebGUI CVE-2015-4029 is an XSS in the captive portal zones management page. The flaw arises in services_captiveportal_zones.php when the zone parameter is used during a del action, enabling remote attackers to inject script/HTML into a victim’s browser. Affected releases are pfSense prior...