Описание
An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. User controlled input is not neutralized prior to being placed in web page output (CROSS-SITE SCRIPTING).
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:visonic:powerlink2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:visonic:powerlink2:-:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.0018
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. User controlled input is not neutralized prior to being placed in web page output (CROSS-SITE SCRIPTING).
EPSS
Процентиль: 40%
0.0018
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79