CVE-2020-10797 is a vulnerability in Netgate Pfsense
Published on April 29, 2020
An XSS vulnerability resides in the hostname field of the diag_ping.php page in pfsense before 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is not sanitized before it is printed.
Products Associated with CVE-2020-10797
Want to know whenever a new CVE is published for Netgate Pfsense? stack.watch will email you.
Exploit Probability
EPSS
2.61%
Percentile
85.37%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.