Описание
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html.
Ссылки
- Issue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 6.2.63 (включая)
Одновременно
cpe:2.3:o:brightsign:4k242_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:brightsign:4k242:-:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00339
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html.
EPSS
Процентиль: 56%
0.00339
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79