Multiple cross-site scripting (XSS) vulnerabilities in graph.php in pfSense 1.2.3 and 2 beta 4 allow remote malicious users to inject arbitrary web script or HTML via the (1) ifnum or (2) ifname parameter, a different vulnerability than CVE-2008-1182.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bsdperimeter pfsense 1.2.3 |
||
bsdperimeter pfsense 2.0 |