Cross site scripting

2022-05-1618:15:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.9%

JSON

The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code.

CPENameOperatorVersion
cmt-ctrl01_firmwarelt20210302
cmt-fhd_firmwarelt20210208
cmt-g01_firmwarelt20210209
cmt-g02_firmwarelt20210209
cmt-g03_firmwarelt20210222
cmt-g04_firmwarelt20210222
cmt-hdm_firmwarelt20210204
cmt-svr-100_firmwarelt20210305
cmt-svr-102_firmwarelt20210305
cmt-svr-200_firmwarelt20210305

Name	Operator	Version
cmt-ctrl01_firmware	lt	20210302
cmt-fhd_firmware	lt	20210208
cmt-g01_firmware	lt	20210209
cmt-g02_firmware	lt	20210209
cmt-g03_firmware	lt	20210222
cmt-g04_firmware	lt	20210222
cmt-hdm_firmware	lt	20210204
cmt-svr-100_firmware	lt	20210305
cmt-svr-102_firmware	lt	20210305
cmt-svr-200_firmware	lt	20210305