CVE-2020-21487

Published: Apr 4, 2023

Modified: Feb 13, 2025

PUBLISHED

Description

Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/pfsense/FreeBSD-ports/commit/a6f443cde51e7fcf17e51f16014d3589253284d8

https://redmine.pfsense.org/issues/9888

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-21487

Description

Affected Products

References