XSS Vulnerability in HAProxy Package for pfSense

XSS Vulnerability in HAProxy Package for pfSense

CVE-2019-8953 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The HAProxy package before 0.59_16 for pfSense has XSS via the desc (aka Description) or table_actionsaclN parameter, related to haproxy_listeners.php and haproxy_listeners_edit.php.

Learn more about our Cis Benchmark Audit For Pfsense Firewall.