CVE-2017-6443 – EPSON TMNet WebConfig 1.00 - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-6443

05 Mar 2017 — Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the W_AD1 parameter to Forms/oadmin_1. Vulnerabilidad de XSS en EPSON TMNet WebConfig 1.00 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro W_AD1 a Forms/oadmin_1. EPSON TMNet WebConfig version 1.00 suffers from a persistent cross site scripting vulnerability. • https://packetstorm.news/files/id/141448 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •