1 results (0.007 seconds)

CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0

An unauthenticated remote attacker can use an XSS attack due to improper neutralization of input during web page generation. User interaction is required. This leads to a limited impact of confidentiality and integrity but no impact of availability. Un atacante remoto no autenticado puede utilizar un ataque XSS debido a una neutralización inadecuada de la entrada durante la generación de la página web. Se requiere la interacción del usuario. • https://cert.vde.com/en/advisories/VDE-2023-039 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •