Lucene search
China National Vulnerability DatabaseCNVD-2022-09780HistoryDec 29, 2021 - 12:00 a.m.
NUUO Network Video Recorder NVRsolo跨站脚本漏洞
2021-12-2900:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
nuuo
network video recorder
nvrsolo
cross-site scripting
vulnerability
session hijacking
taiwan
china
user-submitted request parameters
malicious javascript code
session stealing
escaping
filtering
EPSS
0.001
Percentile
37.9%
A cross-site scripting vulnerability exists in NUUO Network Video Recorder (NVR), a network video recorder from NUUO, Taiwan, China, which stems from a lack of effective filtering and escaping of user-submitted request parameters, which could be exploited by an attacker to steal a user’s session by injecting malicious JavaScript code. could be exploited to steal a user’s session by injecting malicious JavaScript code, resulting in session hijacking.
Related
prion
prion
Cross site scripting
2021-12-28 15:15:00
cve
cve
CVE-2021-45812
2021-12-28 15:15:07
cvelist
cvelist
CVE-2021-45812
2021-12-28 14:26:44
nvd
nvd
CVE-2021-45812
2021-12-28 15:15:07