Cross-Site Scripting Vulnerability in Suricata Package by OISF
CVE-2014-4694

Currently unrated

Key Information:

Vendor: Pfsense
Status: Suricata Package; Pfsense
Vendor: CVE Published:; 2 July 2014

What is CVE-2014-4694?

Multiple cross-site scripting (XSS) vulnerabilities exist in the suricata_select_alias.php file within the Suricata package prior to version 1.0.6 for pfSense, impacting all versions up to 2.1.4. These vulnerabilities allow remote attackers to inject arbitrary web scripts or HTML through unspecified variables, potentially leading to unauthorized access and manipulation of web content.

References

https://pfsense.org/security/advisories/pfSense-SA-14_13....

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 2, 2014
Vulnerability Reserved
Jun 28, 2014

Pfsense

What is CVE-2014-4694?

References

Timeline