1 results (0.001 seconds)
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 2
CVE-2022-45028
https://notcve.org/view.php?id=CVE-2022-45028
A cross-site scripting (XSS) vulnerability in Arris NVG443B 9.3.0h3d36 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request sent to /cgi-bin/logs.ha. Una vulnerabilidad de Cross-Site Scripting (XSS) en Arris NVG443B 9.3.0h3d36 permite a los atacantes ejecutar scripts web o HTML arbitrario a través de una solicitud POST manipulada enviada a /cgi-bin/logs.ha. • https://drive.google.com/file/d/1AHqvciVNMQpUoomFgtctnByewkkr24kB/view https://seanpesce.blogspot.com/2022/11/unauthenticated-stored-xss-in-arris.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •