CVE-2024-54779 Information

Description

Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds is vulnerable to Cross Site Scripting (XSS) in widgets/log.widget.php.

Reference

http://netgate.com https://blog.brillantit.com/exploiting-pfsense-xss-command-injection-cloud-hijack/