2 matches found
CVE-2018-18880
In firmware version MS2.6.9900 of Columbia Weather MicroServer, a networkdiags.php reflected Cross-site scripting XSS vulnerability allows remote authenticated users to inject arbitrary web script...
CVE-2018-18880
CVE-2018-18880 affects Columbia Weather Systems Weather MicroServer firmware MS_2.6.9900. A cross-site scripting flaw in the page networkdiags.php allows remote authenticated users to inject arbitrary web scripts (CWE-79). Root cause: improper input handling in the affected web page. Impact is XS...