Security Advisory

CVE-2020-22158

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-09-14 15:23:51

Last updated 2024-08-04 14:51:10

Assigner mitre

State PUBLISHED

Description

MediaKind (formerly Ericsson) RX8200 5.13.3 devices are vulnerable to multiple reflected and stored XSS. An attacker has to inject JavaScript code directly in the "path" or "Services+ID" parameters and send the URL to a user in order to exploit reflected XSS. In the case of stored XSS, an attacker must modify the "name" parameter with the malicious code.

← Browse all CVEs View on cve.org ↗