A reflected cross-site scripting (XSS) vulnerability in the component /ui/diagnostics/log/core/ of OPNsense Community Edition prior to 23.7 and Business Edition prior to 23.4.2 allows malicious users to inject arbitrary JavaScript via the URL path.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opnsense opnsense |