Security Advisory

CVE-2020-11457

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-04-01 15:47:58
Last updated 2024-08-04 11:28:14
Assigner mitre
State PUBLISHED

Description

pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user.

← Browse all CVEs View on cve.org ↗