A number of security vulnerabilities were found in the wag management UI thanks to @lachlan2k
These issues do not impact the functionality of the port filtering or restrictions that wag may place on users. However they are severe in their own right and should be addressed immediately.
They have been present since v4.1.1 when the management UI was included.
Security Fixes:
- High Severity Stored XSS in the management console
- High Severity CSRF in the management console
- Low severity time based enumeration in the management console