Vulnerabilities > Netgate > Acme > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-12-15 CVE-2020-21219 Cross-site Scripting vulnerability in Netgate Acme and Pfsense
Cross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acme_certificate_edit.php page of the ACME package.
network
low complexity
netgate CWE-79
6.1