An XSS issue exists in pfSense up to and including 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netgate pfsense 2.4.4 |
||
netgate pfsense |