2 matches found
CVE-2015-4714
DreamBox DM500-S is vulnerable to a cross-site scripting (XSS) flaw (CVE-2015-4714) in its web interface. The vulnerability arises from unsanitized input in the mode parameter of the /body endpoint, enabling remote attackers to inject arbitrary script/HTML. OpenVAS NASL notes the vulnerability as...
CVE-2015-4714
Cross-site scripting XSS vulnerability in the DreamBox DM500-S allows remote attackers to inject arbitrary web script or HTML via the mode parameter to /body...