Multiple cross-site scripting (XSS) vulnerabilities in the Snort package prior to 3.0.13 for pfSense up to and including 2.1.4 allow remote malicious users to inject arbitrary web script or HTML via (1) the eng parameter to snort_import_aliases.php or (2) unspecified variables to snort_select_alias.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netgate pfsense |
||
netgate pfsense 2.1.3 |
||
pfsense snort package |