Cross-Site Scripting (XSS) Vulnerability in freeradius_view_config.php

Cross-Site Scripting (XSS) Vulnerability in freeradius_view_config.php

CVE-2019-18667 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

/usr/local/www/freeradius_view_config.php in the freeradius3 package before 0.15.7_3 for pfSense on FreeBSD allows a user with an XSS payload as password or username to execute arbitrary javascript code on a victim browser.

Learn more about our Cis Benchmark Audit For Pfsense Firewall.