Vulnerabilities > Pfsense > Pfsense > 2.5.2

DATE CVE VULNERABILITY TITLE RISK
2022-10-03 CVE-2022-42247 Cross-site Scripting vulnerability in Pfsense 2.5.2
pfSense v2.5.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the browser.php component.
network
low complexity
pfsense CWE-79
6.1
6.1
2022-03-01 CVE-2021-41282 Injection vulnerability in Pfsense 2.5.2
diag_routes.php in pfSense 2.5.2 allows sed data injection.
network
low complexity
pfsense CWE-74
critical
 9.0
9.0