Описание
Control By Web X-400 devices are vulnerable to a cross-site scripting attack, which could result in private and session information being transferred to the attacker.
Ссылки
- MitigationThird Party AdvisoryUS Government Resource
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 2.8 (исключая)
Одновременно
cpe:2.3:o:controlbyweb:x-400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:controlbyweb:x-400:-:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00087
Низкий
4.5 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
почти 3 года назад
Control By Web X-400 devices are vulnerable to a cross-site scripting attack, which could result in private and session information being transferred to the attacker.
EPSS
Процентиль: 25%
0.00087
Низкий
4.5 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79