CVE-2022-23993 vulnerability in pfSense Products
Published on January 26, 2022

/usr/local/www/pkg.php in pfSense CE before 2.6.0 and pfSense Plus before 22.01 uses $_REQUEST['pkg_filter'] in a PHP echo call, causing XSS.

NVD

Products Associated with CVE-2022-23993

stack.watch emails you whenever new vulnerabilities are published in pfSense or Pfsense Plus. Just hit a watch button to start following.

pfSense

Pfsense Plus

Exploit Probability

EPSS

0.24%

Percentile

46.84%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-23993 vulnerability in pfSense ProductsPublished on January 26, 2022

Products Associated with CVE-2022-23993

Exploit Probability

CVE-2022-23993 vulnerability in pfSense Products
Published on January 26, 2022