2 matches found
CVE-2014-3887
CVE-2014-3887 affects I-O DATA DEVICE RockDisk NAS devices. A cross-site scripting (XSS) vulnerability exists in firmware versions prior to 1.05e1-2.0.5 , allowing remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. The issue traces to an incomplete fix for ...
CVE-2014-3887
Cross-site scripting XSS vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-4713...