Cross site scripting

2019-06-1120:29:00

PRIOn knowledge base

www.prio-n.com

5.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.7%

JSON

All versions up to V20.18.40.R7.B1of ZTE NetNumen DAP product have an XSS vulnerability. Due to the lack of correct validation of client data in WEB applications, which results in users being hijacked.

CPENameOperatorVersion
netnumen_dap_firmwareeq<= 20.18.40.r7.b1

CPE	Name	Operator	Version
	netnumen_dap_firmware	eq	<= 20.18.40.r7.b1

References

support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010797