The vulnerability of the info.jsp component of InHand Networks’ InRouter302 microprogramming system allows attackers to execute cross-site scripting attacks.

The vulnerability of the info.jsp component of InHand Networks InRouter302 microprogramming system lies in the insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created web page...

CVE-2022-21238

A cross-site scripting xss vulnerability exists in the info.jsp functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary Javascript execution. An attacker can send an HTTP request to trigger this vulnerability...