Описание
An attacker with access to the web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "autorefresh" parameter.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:westermo:l206-f2g_firmware:4.24:*:*:*:*:*:*:*
cpe:2.3:h:westermo:l206-f2g:-:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00097
Низкий
5.4 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
около 2 лет назад
An attacker with access to the web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "autorefresh" parameter.
EPSS
Процентиль: 27%
0.00097
Низкий
5.4 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79