CVE-2020-19201
CVE-2020-19201 describes a stored XSS in pfSense WebGUI’s status_filter_reload.php affecting Netgate pfSense 2.4.4-p2 and earlier. The vulnerability arises because output from the filter reload process isn’t encoded, enabling an attacker to inject script via the descr parameter on NAT rules. Conn...