Unrated severityNVD Advisory· Published Jan 26, 2022· Updated Aug 3, 2024
CVE-2022-23993
CVE-2022-23993
Description
/usr/local/www/pkg.php in pfSense CE before 2.6.0 and pfSense Plus before 22.01 uses $_REQUEST['pkg_filter'] in a PHP echo call, causing XSS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- docs.netgate.com/downloads/pfSense-SA-22_04.webgui.ascmitrex_refsource_MISC
- github.com/pfsense/pfsense/commit/5d82cce0d615a76b738798577a28a15803e59aebmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.