AI Score
Confidence
High
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
OPNsense before 23.7.5 allows XSS via the index.php column_count parameter to the Lobby Dashboard.
github.com/opnsense/core/commit/484753b2abe3fd0fcdb73d8bf00c3fc3709eb8b7
github.com/opnsense/core/compare/23.7.4...23.7.5
www.x41-dsec.de/lab/advisories/x41-2023-001-opnsense