Security Advisory

CVE-2020-25352

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-20 18:10:48

Last updated 2024-08-04 15:33:05

Assigner mitre

State PUBLISHED

Description

A stored cross-site scripting (XSS) vulnerability in the /devices.php function inrConfig 3.9.5 has been fixed for version 3.9.6. This vulnerability allowed remote attackers to perform arbitrary Javascript execution through entering a crafted payload into the Model field then saving.

← Browse all CVEs View on cve.org ↗