An error in the URL handler of the VIDEOJET multi 4000 may lead to a reflected cross site scripting (XSS) in the web-based interface. An attacker with knowledge of the encoder address can send a crafted link to a user, which will execute JavaScript code in the context of the user.
CPE | Name | Operator | Version |
---|---|---|---|
videojet_multi_4000_firmware | le | 6.31.0010 |