CVE-2025-34172

CVE-2025-34172 affects pfSense CE (Netgate pfSense CE HAProxy package). The vulnerability exists in haproxy_stats.php where the value of the showsticktablecontent parameter is read from HTTP GET requests and then displayed, enabling reflected cross-site scripting when the victim is authenticated....

XSS vulnerability in /admin/chooseBuildsToMove.action resource

We have identified and fixed a reflected cross-site scripting XSS vulnerability in the Bamboo chooseBuildsToMove resource. This issue is reported in our security advisory on this page: https://confluence.atlassian.com/x/rQP5FQ You can read more about XSS attacks at:...