CVE-2021-42770

CVE-2021-42770

EPSS 1.3%

A Cross-site scripting (XSS) vulnerability was discovered in OPNsense before 21.7.4 via the LDAP attribute return in the authentication tester.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://cert.orange.com https://github.com/orangecertcc/security-research/security/advisories/GHSA-r32j-xgg3-w2rw https://opnsense.org/opnsense-21-7-4-released/