Описание
An issue was discovered in Comcast Defined Technologies microeisbss through 2021. An attacker can inject a stored XSS payload in the Device ID field under Inventory Management to achieve Remote Code Execution and privilege escalation..
Ссылки
- Not Applicable
- ExploitPress/Media Coverage
- Not Applicable
- ExploitPress/Media Coverage
Уязвимые конфигурации
Конфигурация 1Версия до 2021 (включая)
cpe:2.3:a:xfinity:comcast_defined_technologies_microeisbss:*:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.19521
Средний
9 Critical
CVSS3
8 High
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 9
github
больше 2 лет назад
An issue was discovered in Comcast Defined Technologies microeisbss through 2021. An attacker can inject a stored XSS payload in the Device ID field under Inventory Management to achieve Remote Code Execution and privilege escalation..
EPSS
Процентиль: 95%
0.19521
Средний
9 Critical
CVSS3
8 High
CVSS3
Дефекты
CWE-79
CWE-79