1 results (0.004 seconds)
CVSS: 5.4EPSS: 0%CPEs: 34EXPL: 0
CVSS: 5.4EPSS: 0%CPEs: 34EXPL: 0CVE-2023-34412 – Stored XXS vulnerability in mbnet, mbnet.rokey, REX 200 and REX 250
https://notcve.org/view.php?id=CVE-2023-34412
17 Aug 2023 — A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS). A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS). • https://cert.vde.com/en/advisories/VDE-2023-012 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •