6 matches found
CVE-2019-25374
OPNsense 19.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by exploiting the passthroughnetworks parameter in vpnipsecsettings.php. Attackers can craft POST requests with JavaScript payloads in the passthroughnetworks parameter to execu...
CVE-2019-25374
OPNsense 19.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by exploiting the passthroughnetworks parameter in vpnipsecsettings.php. Attackers can craft POST requests with JavaScript payloads in the passthroughnetworks parameter to execu...
CVE-2019-25374 OPNsense 19.1 Reflected XSS via vpn_ipsec_settings.php
OPNsense 19.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by exploiting the passthroughnetworks parameter in vpnipsecsettings.php. Attackers can craft POST requests with JavaScript payloads in the passthroughnetworks parameter to execu...
CVE-2019-25374
OPNsense 19.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by exploiting the passthroughnetworks parameter in vpnipsecsettings.php. Attackers can craft POST requests with JavaScript payloads in the passthroughnetworks parameter to execu...
EUVD-2019-19421
OPNsense 19.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by exploiting the passthroughnetworks parameter in vpnipsecsettings.php. Attackers can craft POST requests with JavaScript payloads in the passthroughnetworks parameter to execu...
PT-2026-8246
OPNsense 19.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by exploiting the passthrough networks parameter in vpn ipsec settings.php. Attackers can craft POST requests with JavaScript payloads in the passthrough networks parameter to...