4 matches found
GE Reason S20 Ethernet Switch Improper Neutralization of Input During Web Page Generation (CVE-2020-16242)
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts. This plugin only works with Tenable.ot. Please...
CVE-2020-16242
creationtimestamp| type| source ---|---|--- 2020-09-25 19:36:49+00:00| published-proof-of-concept| https://t.me/YemenShield/498...
CVE-2020-16242 GE Reason S20 Ethernet Switch
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts...
CVE-2020-16242
CVE-2020-16242 applies to GE Reason S20 Ethernet Switch. Affected products: S2020 and S2024 firmware versions prior to 07A06. Vulnerability: cross-site scripting (XSS) due to improper neutralization of input during web page generation (CWE-79) in the device’s WEB interface, potentially enabling a...