3 matches found
CVE-2018-14704
Cross-site scripting in the MySQL API error page in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to execute JavaScript via a malformed URL path...
CVE-2018-14704
CVE-2018-14704 affects Drobo 5N2 NAS (firmware around 4.0.5-13.28.96115) with a cross-site scripting vulnerability in the MySQL API error page. The issue arises from unsanitized data in the error page, allowing a remote attacker to execute JavaScript via a malformed URL path. Public references (N...
CVE-2018-14704
Cross-site scripting in the MySQL API error page in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to execute JavaScript via a malformed URL path...