Описание
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross site scripting in the appliance site name. The ETIC RAS web server saves the site name and then presents it to the administrators in a few different pages.
Ссылки
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 4.5.0 (исключая)
cpe:2.3:o:etictelecom:remote_access_server_firmware:*:*:*:*:*:*:*:*
EPSS
Процентиль: 24%
0.00079
Низкий
4.8 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 4.8
github
около 1 года назад
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross site scripting in the appliance site name. The ETIC RAS web server saves the site name and then presents it to the administrators in a few different pages.
EPSS
Процентиль: 24%
0.00079
Низкий
4.8 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79