Cross site scripting

2023-10-0519:15:00

PRIOn knowledge base

www.prio-n.com

milesight

devices

vulnerability

xss

admin panel

0.0005 Low

EPSS

Percentile

17.0%

JSON

Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel.

CPENameOperatorVersion
ur32_firmwarelt35.3.0.7
ur32l_firmwarelt35.3.0.7
ur35_firmwarelt35.3.0.7
ur41_firmwarelt35.3.0.7
ur51_firmwarelt35.3.0.7
ur52_firmwarelt35.3.0.7
ur55_firmwarelt35.3.0.7

Name	Operator	Version
ur32_firmware	lt	35.3.0.7
ur32l_firmware	lt	35.3.0.7
ur35_firmware	lt	35.3.0.7
ur41_firmware	lt	35.3.0.7
ur51_firmware	lt	35.3.0.7
ur52_firmware	lt	35.3.0.7
ur55_firmware	lt	35.3.0.7

References

gist.github.com/win3zz/c7eda501edcf5383df32fabe00938d13

0.0005 Low

EPSS

Percentile

17.0%

JSON

Related for PRION:CVE-2023-43260