OPNsense 漏洞列表
共找到 6 个与 OPNsense 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2020-23015: OPNsense <=20.1.5 - Open Redirect POC
OPNsense through 20.1.5 contains an open redirect vulnerability via the url redirect parameter in the login page, which is not filtered. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. -
CVE-2023-39002: OPNsense - Cross-Site Scripting POC
A cross-site scripting (XSS) vulnerability in the act parameter of system_certmanager.php in OPNsense before 23.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. -
CVE-2023-39007: OPNsense - Cross-Site Scripting to RCE POC
There is a XSS in /ui/cron/item/open in the Cron component of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 via openAction in app/controllers/OPNsense/Cron/ItemController.php. -
CVE-2020-23015: OPNsense <=20.1.5 - Open Redirect POC
OPNsense through 20.1.5 contains an open redirect vulnerability via the url redirect parameter in the login page, which is not filtered. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. -
CVE-2023-39002: OPNsense - Cross-Site Scripting POC
A cross-site scripting (XSS) vulnerability in the act parameter of system_certmanager.php in OPNsense before 23.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. -
CVE-2023-39007: OPNsense - Cross-Site Scripting to RCE POC
There is a XSS in /ui/cron/item/open in the Cron component of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 via openAction in app/controllers/OPNsense/Cron/ItemController.php.