16 matches found
EUVD-2020-8212
Malware in sbrugna...
EUVD-2020-8208
Malware in sbrugna...
GE Reason S20 Ethernet Switch Improper Neutralization of Input During Web Page Generation (CVE-2020-16246)
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site...
GE Reason S20 Ethernet Switch Improper Neutralization of Input During Web Page Generation (CVE-2020-16242)
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts. This plugin only works with Tenable.ot. Please...
CVE-2020-16246
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site...
CVE-2020-16246
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site...
Cross site scripting
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site...
CVE-2020-16246
The CVE-2020-16246 entry pertains to GE Reason S20 Ethernet Switches (S2020, S2024) affected by cross-site scripting due to improper neutralization of input during web page generation (CWE-79). Root cause: unvalidated/unsanitized input in the web interface enables crafted requests to render malic...
CVE-2020-16246 GE Reason S20 Ethernet Switch
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site...
CVE-2020-16242
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts...
CVE-2020-16242
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts...
Cross site scripting
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts...
CVE-2020-16242
CVE-2020-16242 applies to GE Reason S20 Ethernet Switch. Affected products: S2020 and S2024 firmware versions prior to 07A06. Vulnerability: cross-site scripting (XSS) due to improper neutralization of input during web page generation (CWE-79) in the device’s WEB interface, potentially enabling a...
CVE-2020-16242 GE Reason S20 Ethernet Switch
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts...
PT-2020-14835 · Reason · Reason S20 Ethernet Switch
Name of the Vulnerable Software and Affected Versions: Reason S20 Ethernet Switch affected versions not specified Description: The issue concerns a cross-site scripting XSS problem, which may allow an attacker to trick application users into performing critical actions, including adding and...
GE Reason S20 Ethernet Switch
1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: General Electric Equipment: Reason S20 Ethernet Switch Vulnerabilities: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow unauthorized accounts...