Описание
There is a stored XSS vulnerability in ZTE home gateway product. An attacker could modify the gateway name by inserting special characters and trigger an XSS attack when the user views the current topology of the device through the management page.
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:zte:zxhn_f680_firmware:6.0.10p3n20:*:*:*:*:*:*:*
cpe:2.3:h:zte:zxhn_f680:-:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00589
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
почти 4 года назад
There is a stored XSS vulnerability in ZTE home gateway product. An attacker could modify the gateway name by inserting special characters and trigger an XSS attack when the user views the current topology of the device through the management page.
EPSS
Процентиль: 69%
0.00589
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79