4 matches found
CVE-2019-12347
In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acmeaccountkeysedit.php action. The vulnerability occurs due to input validation errors...
CVE-2019-12347
In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acmeaccountkeysedit.php action. The vulnerability occurs due to input validation errors...
CVE-2019-12347
In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acmeaccountkeysedit.php action. The vulnerability occurs due to input validation errors...
CVE-2019-12347
CVE-2019-12347 affects pfSense 2.4.4-p3 via a stored XSS in the ACME package: attackers can inject payloads into the Name or Description fields of acme_accountkeys_edit.php due to input validation errors. The issue originates from improper validation in the ACME package’s account key editing work...