Medium severity6.1NVD Advisory· Published Mar 31, 2022· Updated Jun 17, 2026
CVE-2021-20729
CVE-2021-20729
Description
Cross-site scripting vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions 2.5.2 and earlier, and pfSense Plus software versions 21.05 and earlier) allows a remote attacker to inject an arbitrary script via a malicious URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- pfSense/pfSense CE and pfSense Plusv5Range: pfSense CE software versions 2.5.2 and earlier, and pfSense Plus software versions 21.05 and earlier
Patches
Vulnerability mechanics
References
2- docs.netgate.com/downloads/pfSense-SA-21_02.captiveportal.ascnvdThird Party Advisory
- jvn.jp/en/jp/JVN87751554/index.htmlnvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.