heise online

Cross-site scripting: vulnerabilities in pfSense enable admin cookie theft

Security researchers have discovered several vulnerabilities in the web administration interface of the pfSense open source firewall that enable cross-site scripting (XSS), i.e. the injection of ...