CVE-2019-16914

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-16914

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-16914.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-16914

Published

2019-09-26T18:15:10.743Z

Modified

2026-04-10T04:16:27.745695Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

An XSS issue was discovered in pfSense through 2.4.4-p3. In servicescaptiveportalmac.php, the username and delmac parameters are displayed without sanitization.

References

Affected packages

Git / github.com/pfsense/pfsense

Affected ranges

Type

GIT

Repo

https://github.com/pfsense/pfsense

Events

Introduced

Fixed

531aaac17018e117d0d0179d3c8ecfd22b6a6a7c

Introduced

Last affected

531aaac17018e117d0d0179d3c8ecfd22b6a6a7c

Introduced

Last affected

de4e0a799cd0e1e7267ecc67019c7befa362d8d0

Introduced

Last affected

3e552cec671e26b8108db4ff8e2f48009947dc1d

Introduced

Last affected

2bf6d4322622765bd1ce6ca8915ff75890885566

Fixed

d31362b69d5d52dc196dc72f66e830cd1e6e9a4f

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.4.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.4-NA"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.4-p1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.4-p2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.4.4-p3"
        }
    ]
}

Affected versions

Other

RELENG_2_2_BETA

Root_RELENG_1_2

v2.*

v2.4.4

v2.4.4_1

v2.4.4_2

v2.4.4_3

v2.4.4_GS

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-16914.json"