Cross site scripting

2014-09-2922:55:00

PRIOn knowledge base

www.prio-n.com

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.4%

JSON

Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section.

CPENameOperatorVersion
ea6500_firmwareeq1.1.28.147876

CPE	Name	Operator	Version
	ea6500_firmware	eq	1.1.28.147876

References

securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php

securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf