← volver
CVE-2021-47858

Genexis Platinum-4410 P4410-V2-1.31A - 'start_addr' Persistent Cross-Site Scripting

CVSS 5.1 MEDIUMEPSS 0.2%CWE-79
Genexis Platinum-4410 P4410-V2-1.31A contains a stored cross-site scripting vulnerability in the 'start_addr' parameter of the Security Management interface. Attackers can inject malicious scripts through the start source address field that will persist and trigger for privileged users when they access the security management page.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
Productos afectados
Genexis · Platinum-4410

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://genexis.eu/product/platinum-series/https://www.exploit-db.com/exploits/49709https://www.vulncheck.com/advisories/genexis-platinum-p-a-startaddr-persistent-cross-site-scripting