Описание
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross site scripting (XSS) attacks in get view method under view parameter. The ETIC RAS web server uses dynamic pages that get their input from the client side and reflect the input in their response to the client.
Ссылки
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 4.5.0 (исключая)
cpe:2.3:o:etictelecom:remote_access_server_firmware:*:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00086
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
около 1 года назад
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross site scripting (XSS) attacks in get view method under view parameter. The ETIC RAS web server uses dynamic pages that get their input from the client side and reflect the input in their response to the client.
EPSS
Процентиль: 25%
0.00086
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79