CVE-2020-21487

Published April 4th, 2023

View on NVD ↗

CVSS v3

9.6

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php.

pfsense/FreeBSD-ports

FreeBSD ports tree with pfSense changes

GitHub

515