Security Advisory

CVE-2024-0554

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-16 10:08:29

Last updated 2025-06-02 15:11:31

Assigner INCIBE

State PUBLISHED

Description

A Cross-site scripting (XSS) vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could store a malicious javascript payload in the device model parameter via /setup/diags_ir_learn.asp, allowing the attacker to retrieve the session details of another user.

← Browse all CVEs View on cve.org ↗