Unrated severityNVD Advisory· Published May 29, 2019· Updated Aug 4, 2024
CVE-2019-12347
CVE-2019-12347
Description
In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acme_accountkeys_edit.php action. The vulnerability occurs due to input validation errors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- pfSense/pfSensedescription
Patches
Vulnerability mechanics
References
5- packetstormsecurity.com/files/153112/pfSense-2.4.4-p3-Cross-Site-Scripting.htmlmitrex_refsource_MISC
- ctrsec.io/index.php/2019/05/28/stored-xss-acme-pfsense-2-4-4-p3/mitrex_refsource_MISC
- github.com/pfsense/FreeBSD-ports/commit/504909564079e540689dbdbed3a579483c614275mitrex_refsource_CONFIRM
- redmine.pfsense.org/issues/9554mitrex_refsource_MISC
- www.pfsense.org/download/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.