CVE-2019-12347

Published: May 29, 2019
Updated: Apr 13, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2019-12347" target="_blank" rel="noopener"> CVE-2019-12347
Severity: Medium
Exploit:

In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acme_accountkeys_edit.php action. The vulnerability occurs due to input validation errors.