First published: Tue Jun 01 2021(Updated: )
A stored cross-site scripting (XSS) vulnerability was discovered in pfSense 2.4.5-p1 which allows an authenticated attacker to execute arbitrary web scripts via exploitation of the load_balancer_monitor.php function.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
pfSense pfSense | =2.4.5-p1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-26693 is a stored cross-site scripting (XSS) vulnerability discovered in pfSense 2.4.5-p1.
CVE-2020-26693 has a severity rating of 5.4, which is considered medium.
CVE-2020-26693 allows an authenticated attacker to execute arbitrary web scripts in pfSense 2.4.5-p1.
An attacker can exploit CVE-2020-26693 by exploiting the load_balancer_monitor.php function in pfSense 2.4.5-p1.
Yes, a fix for CVE-2020-26693 has been implemented in the pfSense 2.4.5-p1 release.