Описание
A stored cross-site scripting (XSS) vulnerability in the PwdGrp.cgi endpoint of AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the username field.
Ссылки
- Not Applicable
- Broken Link
- Third Party AdvisoryExploit
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:avtech:dgm1104_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:avtech:dgm1104:-:*:*:*:*:*:*:*
EPSS
Процентиль: 13%
0.00044
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
2 месяца назад
A stored cross-site scripting (XSS) vulnerability in the PwdGrp.cgi endpoint of AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the username field.
EPSS
Процентиль: 13%
0.00044
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79