CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3576 – NPort 5100A Series Store XSS Vulnerability
https://notcve.org/view.php?id=CVE-2024-3576
The NPort 5100A Series firmware version v1.6 and prior versions are affected by web server XSS vulnerability. The vulnerability is caused by not correctly neutralizing user-controllable input before placing it in output. Malicious users may use the vulnerability to get sensitive information and escalate privileges. La serie NPort 5100A anterior a la versión 1.6 se ve afectada por una vulnerabilidad XSS del servidor web. La vulnerabilidad se debe a que no se neutralizan correctamente las entradas controlables por el usuario antes de colocarlas en la salida. • https://www.moxa.com/en/support/product-support/security-advisory/mpsa-246328-nport-5100a-series-store-xss-vulnerability • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •