Lucene search
PRIOn knowledge basePRION:CVE-2018-19922HistoryDec 06, 2018 - 10:29 p.m.
Cross site scripting
2018-12-0622:29:00
PRIOn knowledge base
www.prio-n.com
4
0.001 Low
EPSS
Percentile
45.4%
Persistent Cross-Site Scripting (XSS) in the advancedsetup_websiteblocking.html Website Blocking page of the Actiontec C1000A router with firmware through CAC004-31.30L.95 allows a remote attacker to inject arbitrary HTML into the Website Blocking page by inserting arbitrary HTML into the βTodUrlAddβ URL parameter in a /urlfilter.cmd POST request.
| CPE | Name | Operator | Version |
|---|---|---|---|
| c1000a_firmware | eq | <= cac4-31.30l.95 |
Related
cve
cve
CVE-2018-19922
2022-10-03 16:21:56
cvelist
cvelist
CVE-2018-19922
2022-10-03 16:21:56
nvd
nvd
CVE-2018-19922
2018-12-06 22:29:04