Vulnerabilities > Opnsense Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-03 | CVE-2017-1000479 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options header is set. | 8.8 |