CVE-2024-54779 | THREATINT

Description

Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds is vulnerable to Cross Site Scripting (XSS) in widgets/log.widget.php.

PUBLISHED Reserved 2024-12-06 | Published 2025-05-14 | Updated 2025-05-20 | Assigner mitre

References

blog.brillantit.com/...e-xss-command-injection-cloud-hijack/

www.netgate.com/...dates-for-pfsense-plus-24.11-and-ce-2.7.2

docs.netgate.com/downloads/pfSense-SA-25_01.webgui.asc

cve.org (CVE-2024-54779)

nvd.nist.gov (CVE-2024-54779)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.

help @ threatint.eu