---

pfSense 2.2.4 BSD Firewall Fixes Multiple Stored XSS Vulnerabilities in the WebGUI

pfSense 2.2.4 is an important release that patches multiple stored XSS vulnerabilities in the software’s web-based interface, fixes various issues with the tcp package, mostly related to a resource depletion issue that occurred when the session was stuck in the LAST_ACK state, but affecting only pfSense systems where the listening ports were open to untrusted networks.