1 results (0.003 seconds)
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0
CVE-2018-25090 – Wago: Improper Neutralization of Input During Web Page Generation in multiple devices
https://notcve.org/view.php?id=CVE-2018-25090
An unauthenticated remote attacker can use an XSS attack due to improper neutralization of input during web page generation. User interaction is required. This leads to a limited impact of confidentiality and integrity but no impact of availability. Un atacante remoto no autenticado puede utilizar un ataque XSS debido a una neutralización inadecuada de la entrada durante la generación de la página web. Se requiere la interacción del usuario. • https://cert.vde.com/en/advisories/VDE-2023-039 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •