pfSense 2.3.x < 2.3.5 / 2.4.x < 2.4.2 Multiple XSS Vulnerabilites (SA-17_08 / SA-17_09)
Medium Nessus Plugin ID 106506
SynopsisThe remote firewall host is affected by multiple vulnerabilities.
DescriptionAccording to its self-reported version number, the remote pfSense install is 2.3.x prior to 2.3.5 or 2.4.x prior to 2.4.2. It is, therefore, affected by multiple vulnerabilities as stated in the referenced vendor advisories.
Note: SA-17_09 only applies to 2.4.x.
SolutionUpgrade to pfSense version 2.3.5 / 2.4.2 or later.