CVSS: 6.1EPSS: 20%CPEs: 1EXPL: 2CVE-2022-35416
https://notcve.org/view.php?id=CVE-2022-35416
11 Jul 2022 — H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS. H3C SSL VPN versiones hasta 10-07-2022, permite una vulnerabilidad de tipo XSS en la cookie del archivo wnm/login/login.json svpnlang • https://github.com/safe3s/CVE-2022-35416 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 5%CPEs: 1EXPL: 3CVE-2010-0703 – PortWise SSL VPN 4.6 - 'reloadFrame' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-0703
23 Feb 2010 — Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL VPN 4.6 allows remote attackers to inject arbitrary web script or HTML via the reloadFrame parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en wa/auth en PortWise SSL VPN v4.6 permite a atacantes remotos inyectar secuencias arbitrarias de comandos web o HTML a través del parámetro "reloadFrame". • https://www.exploit-db.com/exploits/33653 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •