Security Advisory

CVE-2019-13407

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-08-29 00:19:39

Last updated 2024-09-16 22:16:10

Assigner twcert

State PUBLISHED

Description

A XSS found in Advan VD-1 firmware versions up to 230. VD-1 responses a path error message when a requested resource was not found in page cgibin/ssi.cgi. It leads to a reflected XSS because the error message does not escape properly.

← Browse all CVEs View on cve.org ↗