Design/Logic Flaw

2022-12-1322:15:00

PRIOn knowledge base

www.prio-n.com

linear e3-series

xss

badging component

vulnerability

nvd

0.001 Low

EPSS

Percentile

41.8%

JSON

Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.

CPENameOperatorVersion
linear_emerge_e3_access_control_firmwareeq0.32.7101
linear_emerge_e3_access_control_firmwareeq0.32.7112
linear_emerge_e3_access_control_firmwareeq0.32.8101
linear_emerge_e3_access_control_firmwareeq0.32.8102
linear_emerge_e3_access_control_firmwareeq0.32.997
linear_emerge_e3_access_control_firmwareeq0.32.998
linear_emerge_e3_access_control_firmwareeq0.32.999

Name	Operator	Version
linear_emerge_e3_access_control_firmware	eq	0.32.7101
linear_emerge_e3_access_control_firmware	eq	0.32.7112
linear_emerge_e3_access_control_firmware	eq	0.32.8101
linear_emerge_e3_access_control_firmware	eq	0.32.8102
linear_emerge_e3_access_control_firmware	eq	0.32.997
linear_emerge_e3_access_control_firmware	eq	0.32.998
linear_emerge_e3_access_control_firmware	eq	0.32.999

References

github.com/omarhashem123/Security-Research/blob/main/CVE-2022-46381/CVE-2022-46381.txt

0.001 Low

EPSS

Percentile

41.8%

JSON

Related for PRION:CVE-2022-46381