CVE-2023-44276

CVE-2023-44276

EPSS 0.5%

OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/opnsense/core/commit/484753b2abe3fd0fcdb73d8bf00c3fc3709eb8b7 https://github.com/opnsense/core/compare/23.7.4...23.7.5 https://www.x41-dsec.de/lab/advisories/x41-2023-001-opnsense