Описание
Cross-site scripting (XSS) vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:antlabs:inngate_ig_3.01_e:-:*:*:*:*:*:*:*
cpe:2.3:h:antlabs:inngate_ig_3.10_e:-:*:*:*:*:*:*:*
cpe:2.3:h:antlabs:inngate_ig_3.10_m:-:*:*:*:*:*:*:*
cpe:2.3:h:antlabs:inngate_ig_3100:-:*:*:*:*:*:*:*
cpe:2.3:h:antlabs:inngate_sg_4:-:*:*:*:*:*:*:*
cpe:2.3:h:antlabs:inngate_ssg_4:-:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00909
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
EPSS
Процентиль: 75%
0.00909
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79