CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1CVE-2015-8258 – AXIS Communications - Cross-Site Scripting / Content Injection
https://notcve.org/view.php?id=CVE-2015-8258
AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability." Productos de AXIS Communications con firmware hasta la versión 5.80.x permiten a atacantes remotos modificar archivos arbitrarios como a través de vectores que involucran a Open Script Editor, también conocida como "vulnerabilidad de inyección de recursos". AXIS Communications with firmware versions prior to 5.80.x suffer from cross site scripting and content inclusion vulnerabilities. • https://www.exploit-db.com/exploits/41625 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •