CVE-2021-20729

Summary

Cross-site scripting vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions 2.5.2 and earlier, and pfSense Plus software versions 21.05 and earlier) allows a remote attacker to inject an arbitrary script via a malicious URL.

Affected Software

VendorProductVersion RangeStatus
pfSensepfSense CE and pfSense PluspfSense CE software versions 2.5.2 and earlier, and pfSense Plus software versions 21.05 and earlieraffected

Weaknesses

  • Cross-site scripting

ADP Enrichment

CVE Program Container

Additional References

References