Security Advisory

CVE-2023-34360

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-31 05:32:14

Last updated 2024-09-27 21:58:28

Assigner twcert

State PUBLISHED

Description

A stored cross-site scripting (XSS) issue was discovered within the Custom User Icons functionality of ASUS RT-AX88U running firmware versions 3.0.0.4.388.23110 and prior. After a remote attacker logging in device with regular user privilege, the remote attacker can perform a Stored Cross-site Scripting (XSS) attack by uploading image which containing JavaScript code.

← Browse all CVEs View on cve.org ↗