Cross site scripting

2019-04-0905:29:00

PRIOn knowledge base

www.prio-n.com

5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.4%

JSON

An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields.

CPENameOperatorVersion
nas326_firmwarele5.21

CPE	Name	Operator	Version
	nas326_firmware	le	5.21

References

maxwelldulin.com/BlogPost?post=3236967424