CVE-2023-44276

CVE-2023-44276

EPSS 0.5%

OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/opnsense/core/commit/484753b2abe3fd0fcdb73d8bf00c3fc3709eb8b7 https://github.com/opnsense/core/compare/23.7.4...23.7.5 https://www.x41-dsec.de/lab/advisories/x41-2023-001-opnsense