Filtered by vendor Zenitel
Subscriptions
Filtered by product Ip-stationweb Firmware
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-19927 | 1 Zenitel | 2 Ip-stationweb, Ip-stationweb Firmware | 2024-11-21 | N/A |
| Zenitel Norway IP-StationWeb before 4.2.3.9 allows stored XSS via the Display Name for Station Status or Account Settings, related to the goform/zForm_save_changes sip_nick parameter. The password of alphaadmin for the admin account may be used for authentication in some cases. | ||||
| CVE-2018-19926 | 1 Zenitel | 2 Ip-stationweb, Ip-stationweb Firmware | 2024-11-21 | N/A |
| Zenitel Norway IP-StationWeb before 4.2.3.9 allows reflected XSS via the goform/ PATH_INFO. | ||||
Page 1 of 1.