Digi AnywhereUSB 14 allows XSS via a link for the Digi Page.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/155926/Digi-AnywhereUSB-14-Cross-Site-Scripting.html | Exploit Third Party Advisory VDB Entry |
https://gist.github.com/RNPG/e0d25ad51aa5c288b9005900f88a4f03 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
31 Jan 2023, 20:57
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://packetstormsecurity.com/files/155926/Digi-AnywhereUSB-14-Cross-Site-Scripting.html - Exploit, Third Party Advisory, VDB Entry |
Information
Published : 2020-01-09 21:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-18859
Mitre link : CVE-2019-18859
CVE.ORG link : CVE-2019-18859
JSON object : View
Products Affected
digi
- anywhereusb\/14
- anywhereusb\/14_firmware
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')