NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Reports-Devices.php page st[] parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-07-07T14:02:52
Updated: 2024-08-04T13:00:52.191Z
Reserved: 2020-06-24T00:00:00
Link: CVE-2020-15037
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-07-07T15:15:11.070
Modified: 2020-07-10T18:49:15.747
Link: CVE-2020-15037
Redhat
No data.