{"id":"CVE-2020-26693","details":"A stored cross-site scripting (XSS) vulnerability was discovered in pfSense 2.4.5-p1 which allows an authenticated attacker to execute arbitrary web scripts via exploitation of the load_balancer_monitor.php function.","modified":"2026-03-14T10:24:13.640955Z","published":"2021-06-01T15:15:07.553Z","references":[{"type":"FIX","url":"https://github.com/pfsense/pfsense/commit/a220a22a8c05c10a7b875ac6b565f2c4fe7b251c"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pfsense/pfsense","events":[{"introduced":"0"},{"last_affected":"dba74e12841dbc7e92620225b7187c6e19540e87"},{"fixed":"a220a22a8c05c10a7b875ac6b565f2c4fe7b251c"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.4.5-p1"}]}}],"versions":["RELENG_2_2_BETA","Root_RELENG_1_2","v2.4.4","v2.4.4_1","v2.4.4_2","v2.4.4_3","v2.4.5","v2.4.5_1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-26693.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}]}