3 matches found
CVE-2020-10797
An XSS vulnerability resides in the hostname field of the diagping.php page in pfsense before 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is not sanitized before it is printed...
CVE-2020-10797
An XSS vulnerability resides in the hostname field of the diagping.php page in pfsense before 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is not sanitized before it is printed...
CVE-2020-10797
CVE-2020-10797 affects pfSense before 2.4.5. A cross-site scripting (XSS) vulnerability exists in the hostname field of diag_ping.php; after inputs are passed to the command and the command executes, the $result variable is not sanitized before being printed. Public references corroborate the XSS...