Vulnerabilities (CVE)

Filtered by vendor Pfsense Subscribe
Filtered by product Pfsense Plus
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-23993 1 Pfsense 2 Pfsense, Pfsense Plus 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
/usr/local/www/pkg.php in pfSense CE before 2.6.0 and pfSense Plus before 22.01 uses $_REQUEST['pkg_filter'] in a PHP echo call, causing XSS.